From 3cb58cb76a78d201af2a8fd5439ba610871e7a3f Mon Sep 17 00:00:00 2001 From: AWS SDK for Go v2 automation user Date: Tue, 5 Jul 2022 18:13:31 +0000 Subject: [PATCH] Update API model --- .../aws-models/config-service.json | 76 +- .../sdk-codegen/aws-models/lex-models-v2.json | 36 +- .../sdk-codegen/aws-models/quicksight.json | 394 +++- codegen/sdk-codegen/aws-models/rds.json | 258 ++- .../sdk-codegen/aws-models/rolesanywhere.json | 2056 +++++++++++++++++ .../sdk-codegen/aws-models/ssm-incidents.json | 49 +- 6 files changed, 2771 insertions(+), 98 deletions(-) create mode 100644 codegen/sdk-codegen/aws-models/rolesanywhere.json diff --git a/codegen/sdk-codegen/aws-models/config-service.json b/codegen/sdk-codegen/aws-models/config-service.json index fa9eb3a42cf..55259e2f0de 100644 --- a/codegen/sdk-codegen/aws-models/config-service.json +++ b/codegen/sdk-codegen/aws-models/config-service.json @@ -1165,7 +1165,7 @@ "MaximumExecutionFrequency": { "target": "com.amazonaws.configservice#MaximumExecutionFrequency", "traits": { - "smithy.api#documentation": "

The maximum frequency with which Config runs evaluations\n\t\t\tfor a rule. You can specify a value for\n\t\t\t\tMaximumExecutionFrequency when:

\n\t\t \n\n\n\n\t\t \n\t\t\t

By default, rules with a periodic trigger are evaluated\n\t\t\t\tevery 24 hours. To change the frequency, specify a valid value\n\t\t\t\tfor the MaximumExecutionFrequency\n\t\t\t\tparameter.

\n\t\t " + "smithy.api#documentation": "

The maximum frequency with which Config runs evaluations\n\t\t\tfor a rule. You can specify a value for\n\t\t\t\tMaximumExecutionFrequency when:

\n\t\t \n\n\n\n\t\t \n\t\t\t

By default, rules with a periodic trigger are evaluated\n\t\t\t\tevery 24 hours. To change the frequency, specify a valid value\n\t\t\t\tfor the MaximumExecutionFrequency\n\t\t\t\tparameter.

\n\t\t " } }, "ConfigRuleState": { @@ -1707,7 +1707,7 @@ "roleARN": { "target": "com.amazonaws.configservice#String", "traits": { - "smithy.api#documentation": "

Amazon Resource Name (ARN) of the IAM role used to describe the\n\t\t\tAmazon Web Services resources associated with the account.

" + "smithy.api#documentation": "

Amazon Resource Name (ARN) of the IAM role used to describe the\n\t\t\tAmazon Web Services resources associated with the account.

\n\t\t \n

While the API model does not require this field, the server will reject a request without a defined roleARN for the configuration recorder.

\n " } }, "recordingGroup": { @@ -2369,6 +2369,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteAggregationAuthorizationRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InvalidParameterValueException" @@ -2402,6 +2405,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteConfigRuleRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchConfigRuleException" @@ -2434,6 +2440,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteConfigurationAggregatorRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchConfigurationAggregatorException" @@ -2460,6 +2469,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteConfigurationRecorderRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchConfigurationRecorderException" @@ -2489,6 +2501,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteConformancePackRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchConformancePackException" @@ -2518,6 +2533,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteDeliveryChannelRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#LastDeliveryChannelDeleteFailedException" @@ -2592,6 +2610,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteOrganizationConfigRuleRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchOrganizationConfigRuleException" @@ -2624,6 +2645,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteOrganizationConformancePackRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchOrganizationConformancePackException" @@ -2656,6 +2680,9 @@ "input": { "target": "com.amazonaws.configservice#DeletePendingAggregationRequestRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InvalidParameterValueException" @@ -2784,6 +2811,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteResourceConfigRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoRunningConfigurationRecorderException" @@ -2820,6 +2850,9 @@ "input": { "target": "com.amazonaws.configservice#DeleteRetentionConfigurationRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InvalidParameterValueException" @@ -4246,7 +4279,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of organization Config rules.

\n\t\t\t\n\t\t \n

When you specify the limit and the next token, you receive a paginated response.\n\t\t\tLimit and next token are not applicable if you specify organization Config rule names. \n\t\t\tIt is only applicable, when you request all the organization Config rules.

\n ", + "smithy.api#documentation": "

Returns a list of organization Config rules.

\n\t\t\t\n\t\t \n

When you specify the limit and the next token, you receive a paginated response.

\n\t\t\t

Limit and next token are not applicable if you specify organization Config rule names. \n\t\t\tIt is only applicable, when you request all the organization Config rules.

\n\t\t\t\n\t\t\t

\n For accounts within an organzation\n

\n\t\t\t\n\t\t\t

If you deploy an organizational rule or conformance pack in an organization\n\t\t\t\tadministrator account, and then establish a delegated administrator and deploy an\n\t\t\t\torganizational rule or conformance pack in the delegated administrator account, you\n\t\t\t\twon't be able to see the organizational rule or conformance pack in the organization\n\t\t\t\tadministrator account from the delegated administrator account or see the organizational\n\t\t\t\trule or conformance pack in the delegated administrator account from organization\n\t\t\t\tadministrator account. The DescribeOrganizationConfigRules and \n\t\t\t\tDescribeOrganizationConformancePacks APIs can only see and interact with\n\t\t\t\tthe organization-related resource that were deployed from within the account calling\n\t\t\t\tthose APIs.

\n\t\t ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -4390,7 +4423,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns a list of organization conformance packs.

\n\t\t \n

When you specify the limit and the next token, you receive a paginated response.

\n\t\t\t

Limit and next token are not applicable if you specify organization conformance packs names. They are only applicable,\n\t\t\twhen you request all the organization conformance packs.

\n ", + "smithy.api#documentation": "

Returns a list of organization conformance packs.

\n\t\t \n

When you specify the limit and the next token, you receive a paginated response.

\n\t\t\t

Limit and next token are not applicable if you specify organization conformance packs names. They are only applicable,\n\t\t\twhen you request all the organization conformance packs.

\n\t\t\n\t\t\t

\n For accounts within an organzation\n

\n\t\t\t\t\t\t\n\t\t\t

If you deploy an organizational rule or conformance pack in an organization\n\t\t\t\tadministrator account, and then establish a delegated administrator and deploy an\n\t\t\t\torganizational rule or conformance pack in the delegated administrator account, you\n\t\t\t\twon't be able to see the organizational rule or conformance pack in the organization\n\t\t\t\tadministrator account from the delegated administrator account or see the organizational\n\t\t\t\trule or conformance pack in the delegated administrator account from organization\n\t\t\t\tadministrator account. The DescribeOrganizationConfigRules and \n\t\t\t\tDescribeOrganizationConformancePacks APIs can only see and interact with\n\t\t\t\tthe organization-related resource that were deployed from within the account calling\n\t\t\t\tthose APIs.

\n\t\t ", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -5709,6 +5742,9 @@ }, "com.amazonaws.configservice#GetComplianceSummaryByConfigRule": { "type": "operation", + "input": { + "target": "smithy.api#Unit" + }, "output": { "target": "com.amazonaws.configservice#GetComplianceSummaryByConfigRuleResponse" }, @@ -8210,7 +8246,7 @@ "MaximumExecutionFrequency": { "target": "com.amazonaws.configservice#MaximumExecutionFrequency", "traits": { - "smithy.api#documentation": "

The maximum frequency with which Config runs evaluations for a rule. You are using an Config managed rule that is triggered at a periodic frequency.

\n\t\t \n

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid \n\t\t\tvalue for the MaximumExecutionFrequency parameter.

\n " + "smithy.api#documentation": "

The maximum frequency with which Config runs evaluations for a rule. This is for an Config managed rule that is triggered at a periodic frequency.

\n\t\t \n

By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid \n\t\t\tvalue for the MaximumExecutionFrequency parameter.

\n " } }, "ResourceTypesScope": { @@ -8565,6 +8601,9 @@ "input": { "target": "com.amazonaws.configservice#PutConfigRuleRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InsufficientPermissionsException" @@ -8682,6 +8721,9 @@ "input": { "target": "com.amazonaws.configservice#PutConfigurationRecorderRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InvalidConfigurationRecorderNameException" @@ -8802,6 +8844,9 @@ "input": { "target": "com.amazonaws.configservice#PutDeliveryChannelRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InsufficientDeliveryPolicyException" @@ -9074,7 +9119,7 @@ } ], "traits": { - "smithy.api#documentation": "

Deploys conformance packs across member accounts in an Amazon Web Services Organization.

\n\t\t

Only a master account and a delegated administrator can call this API. \n\t\t\tWhen calling this API with a delegated administrator, you must ensure Organizations \n\t\t\tListDelegatedAdministrator permissions are added.

\n\t\t

This API enables organization service access for config-multiaccountsetup.amazonaws.com\n\t\t\tthrough the EnableAWSServiceAccess action and creates a \n\t\t\tservice linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. \n\t\t\tThe service linked role is created only when the role does not exist in the caller account. \n\t\t\tTo use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization \n\t\t\tregister-delegate-admin for config-multiaccountsetup.amazonaws.com.

\n\n\t\t\t\n\t\t\t \n\t\t \n\t\t\t

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

\n\t\t\t

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. \n\t\t\tIf you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

\n\t\t\t

Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. \n\t\t\t\tYou cannot update a conformance pack while it is in this state.

\n\t\t\t

You can create 50 conformance packs with 25 Config rules in each pack and 3 delegated administrator per organization.

\n " + "smithy.api#documentation": "

Deploys conformance packs across member accounts in an Amazon Web Services Organization. For information on how many organization conformance packs and how many Config rules you can have per account, \n\t\t\tsee \n Service Limits\n in the Config Developer Guide.

\n\t\t

Only a master account and a delegated administrator can call this API. \n\t\t\tWhen calling this API with a delegated administrator, you must ensure Organizations \n\t\t\tListDelegatedAdministrator permissions are added. An organization can have up to 3 delegated administrators.

\n\t\t

This API enables organization service access for config-multiaccountsetup.amazonaws.com\n\t\t\tthrough the EnableAWSServiceAccess action and creates a \n\t\t\tservice linked role AWSServiceRoleForConfigMultiAccountSetup in the master or delegated administrator account of your organization. \n\t\t\tThe service linked role is created only when the role does not exist in the caller account. \n\t\t\tTo use this API with delegated administrator, register a delegated administrator by calling Amazon Web Services Organization \n\t\t\tregister-delegate-admin for config-multiaccountsetup.amazonaws.com.

\n\n\t\t\t\n\t\t\t \n\t\t \n\t\t\t

Prerequisite: Ensure you call EnableAllFeatures API to enable all features in an organization.

\n\t\t\t

You must specify either the TemplateS3Uri or the TemplateBody parameter, but not both. \n\t\t\tIf you provide both Config uses the TemplateS3Uri parameter and ignores the TemplateBody parameter.

\n\t\t\t

Config sets the state of a conformance pack to CREATE_IN_PROGRESS and UPDATE_IN_PROGRESS until the conformance pack is created or updated. \n\t\t\t\tYou cannot update a conformance pack while it is in this state.

\n " } }, "com.amazonaws.configservice#PutOrganizationConformancePackRequest": { @@ -9153,7 +9198,7 @@ } ], "traits": { - "smithy.api#documentation": "

Adds or updates the remediation configuration with a specific Config rule with the \n\t\t\tselected target or action. \n\t\t\tThe API creates the RemediationConfiguration object for the Config rule. \n\t\tThe Config rule must already exist for you to add a remediation configuration. \n\t\tThe target (SSM document) must exist and have permissions to use the target.

\n\t\t \n

If you make backward incompatible changes to the SSM document, \n\t\t\tyou must call this again to ensure the remediations can run.

\n\t\t\t

This API does not support adding remediation configurations for service-linked Config Rules such as Organization Config rules, \n\t\t\t\tthe rules deployed by conformance packs, and rules deployed by Amazon Web Services Security Hub.

\n " + "smithy.api#documentation": "

Adds or updates the remediation configuration with a specific Config rule with the \n\t\t\tselected target or action. \n\t\t\tThe API creates the RemediationConfiguration object for the Config rule. \n\t\tThe Config rule must already exist for you to add a remediation configuration. \n\t\tThe target (SSM document) must exist and have permissions to use the target.

\n\t\t \n

If you make backward incompatible changes to the SSM document, \n\t\t\tyou must call this again to ensure the remediations can run.

\n\t\t\t

This API does not support adding remediation configurations for service-linked Config Rules such as Organization Config rules, \n\t\t\t\tthe rules deployed by conformance packs, and rules deployed by Amazon Web Services Security Hub.

\n \n\t\t \n

For manual remediation configuration, you need to provide a value for automationAssumeRole or use a value in the assumeRolefield to remediate your resources. The SSM automation document can use either as long as it maps to a valid parameter.

\n\t\t\t

However, for automatic remediation configuration, the only valid assumeRole field value is AutomationAssumeRole and you need to provide a value for AutomationAssumeRole to remediate your resources.

\n\t\t " } }, "com.amazonaws.configservice#PutRemediationConfigurationsRequest": { @@ -9246,6 +9291,9 @@ "input": { "target": "com.amazonaws.configservice#PutResourceConfigRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#InsufficientPermissionsException" @@ -9304,7 +9352,7 @@ "Tags": { "target": "com.amazonaws.configservice#Tags", "traits": { - "smithy.api#documentation": "

Tags associated with the resource.

" + "smithy.api#documentation": "

Tags associated with the resource.

\n\t\t \n

This field is not to be confused with the Amazon Web Services-wide tag feature for Amazon Web Services resources.\n\t\t\tTags for PutResourceConfig are tags that you supply for the configuration items of your custom resources.

\n " } } } @@ -11493,6 +11541,9 @@ "input": { "target": "com.amazonaws.configservice#StartConfigurationRecorderRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoAvailableDeliveryChannelException" @@ -11631,6 +11682,9 @@ "input": { "target": "com.amazonaws.configservice#StopConfigurationRecorderRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#NoSuchConfigurationRecorderException" @@ -11874,6 +11928,9 @@ "input": { "target": "com.amazonaws.configservice#TagResourceRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#ResourceNotFoundException" @@ -11983,6 +12040,9 @@ "input": { "target": "com.amazonaws.configservice#UntagResourceRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.configservice#ResourceNotFoundException" diff --git a/codegen/sdk-codegen/aws-models/lex-models-v2.json b/codegen/sdk-codegen/aws-models/lex-models-v2.json index 005dbdc050f..872f1272e33 100644 --- a/codegen/sdk-codegen/aws-models/lex-models-v2.json +++ b/codegen/sdk-codegen/aws-models/lex-models-v2.json @@ -212,7 +212,7 @@ "transcript": { "target": "com.amazonaws.lexmodelsv2#Transcript", "traits": { - "smithy.api#documentation": "

The content of the transcript that meets the search filter criteria.\n For the JSON format of the transcript, see Output transcript\n format.

" + "smithy.api#documentation": "

The content of the transcript that meets the search filter criteria.\n For the JSON format of the transcript, see Output transcript\n format.

" } } }, @@ -980,7 +980,7 @@ } }, "traits": { - "smithy.api#documentation": "

The object representing the URL of the bot definition, the URL of\n the associated transcript and a statistical summary of the bot\n recommendation results.

" + "smithy.api#documentation": "

The object representing the URL of the bot definition, the URL of\n the associated transcript, and a statistical summary of the bot\n recommendation results.

" } }, "com.amazonaws.lexmodelsv2#BotRecommendationStatus": { @@ -2416,7 +2416,7 @@ "exportStatus": { "target": "com.amazonaws.lexmodelsv2#ExportStatus", "traits": { - "smithy.api#documentation": "

The status of the export. When the status is Completed,\n you can use the DescribeExport operation to get the\n pre-signed S3 URL link to your exported bot or bot locale.

" + "smithy.api#documentation": "

The status of the export. When the status is Completed,\n you can use the DescribeExport operation to get the\n pre-signed S3 URL link to your exported bot or bot locale.

" } }, "creationDateTime": { @@ -3983,6 +3983,9 @@ "input": { "target": "com.amazonaws.lexmodelsv2#DeleteIntentRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.lexmodelsv2#ConflictException" @@ -4198,6 +4201,9 @@ "input": { "target": "com.amazonaws.lexmodelsv2#DeleteSlotRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.lexmodelsv2#ConflictException" @@ -4277,6 +4283,9 @@ "input": { "target": "com.amazonaws.lexmodelsv2#DeleteSlotTypeRequest" }, + "output": { + "target": "smithy.api#Unit" + }, "errors": [ { "target": "com.amazonaws.lexmodelsv2#ConflictException" @@ -9432,6 +9441,21 @@ } } }, + "com.amazonaws.lexmodelsv2#MessageSelectionStrategy": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "Random", + "name": "Random" + }, + { + "value": "Ordered", + "name": "Ordered" + } + ] + } + }, "com.amazonaws.lexmodelsv2#MessageVariationsList": { "type": "list", "member": { @@ -9768,6 +9792,12 @@ "traits": { "smithy.api#documentation": "

Indicates whether the user can interrupt a speech prompt from the\n bot.

" } + }, + "messageSelectionStrategy": { + "target": "com.amazonaws.lexmodelsv2#MessageSelectionStrategy", + "traits": { + "smithy.api#documentation": "

Indicates how a message is selected from a message group among retries.

" + } } }, "traits": { diff --git a/codegen/sdk-codegen/aws-models/quicksight.json b/codegen/sdk-codegen/aws-models/quicksight.json index 72f3cd20e83..41c36913472 100644 --- a/codegen/sdk-codegen/aws-models/quicksight.json +++ b/codegen/sdk-codegen/aws-models/quicksight.json @@ -68,6 +68,44 @@ "smithy.api#documentation": "

The Amazon QuickSight customizations associated with your Amazon Web Services account or a QuickSight namespace in a specific Amazon Web Services Region.

" } }, + "com.amazonaws.quicksight#AccountInfo": { + "type": "structure", + "members": { + "AccountName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The account name that you provided for the Amazon QuickSight subscription in your\n Amazon Web Services account. You create this name when you sign up for Amazon QuickSight. It's unique over all of Amazon Web Services, and it appears only when\n users sign in.

" + } + }, + "Edition": { + "target": "com.amazonaws.quicksight#Edition", + "traits": { + "smithy.api#documentation": "

The edition of your Amazon QuickSight account.

" + } + }, + "NotificationEmail": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The email address that will be used for Amazon QuickSight to send notifications regarding your Amazon Web Services account or Amazon QuickSight subscription.

" + } + }, + "AuthenticationType": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The way that your Amazon QuickSight account is authenticated.

" + } + }, + "AccountSubscriptionStatus": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The status of your account subscription.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A structure that contains the following account information\n elements:

\n " + } + }, "com.amazonaws.quicksight#AccountSettings": { "type": "structure", "members": { @@ -98,7 +136,7 @@ "PublicSharingEnabled": { "target": "com.amazonaws.quicksight#Boolean", "traits": { - "smithy.api#documentation": "

A boolean that indicates whether or not public sharing is enabled on an Amazon QuickSight account. For more information about enabling public sharing, see UpdatePublicSharingSettings.

" + "smithy.api#documentation": "

A Boolean value that indicates whether public sharing is turned on for an Amazon QuickSight account. For more information about turning on public sharing, see UpdatePublicSharingSettings.

" } } }, @@ -155,7 +193,7 @@ } }, "traits": { - "smithy.api#documentation": "

Ad hoc (one-time) filtering option.

" + "smithy.api#documentation": "

An ad hoc (one-time) filtering option.

" } }, "com.amazonaws.quicksight#AdditionalDashboardIdList": { @@ -635,6 +673,25 @@ "smithy.api#documentation": "

Parameters for Amazon Aurora PostgreSQL-Compatible Edition.

" } }, + "com.amazonaws.quicksight#AuthenticationMethodOption": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "IAM_AND_QUICKSIGHT", + "name": "IAM_AND_QUICKSIGHT" + }, + { + "value": "IAM_ONLY", + "name": "IAM_ONLY" + }, + { + "value": "ACTIVE_DIRECTORY", + "name": "ACTIVE_DIRECTORY" + } + ] + } + }, "com.amazonaws.quicksight#AwsAccountId": { "type": "string", "traits": { @@ -1263,7 +1320,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates Amazon QuickSight customizations the current Amazon Web Services Region. Currently, you can\n add a custom default theme by using the CreateAccountCustomization or\n UpdateAccountCustomization API operation. To further customize\n Amazon QuickSight by removing Amazon QuickSight sample assets and videos for all new users, see Customizing Amazon QuickSight in the Amazon QuickSight User\n Guide.\n

\n

You can create customizations for your Amazon Web Services account or, if you specify a namespace, for\n a QuickSight namespace instead. Customizations that apply to a namespace always override\n customizations that apply to an Amazon Web Services account. To find out which customizations apply, use\n the DescribeAccountCustomization API operation.

\n

Before you use the CreateAccountCustomization API operation to add a theme\n as the namespace default, make sure that you first share the theme with the namespace.\n If you don't share it with the namespace, the theme isn't visible to your users\n even if you make it the default theme.\n To check if the theme is shared, view the current permissions by using the\n \n DescribeThemePermissions\n \n API operation.\n To share the theme, grant permissions by using the\n \n UpdateThemePermissions\n \n API operation.

", + "smithy.api#documentation": "

Creates Amazon QuickSight customizations for the current Amazon Web Services Region. Currently, you can add a custom default theme by using the\n CreateAccountCustomization or UpdateAccountCustomization\n API operation. To further customize Amazon QuickSight by removing Amazon QuickSight\n sample assets and videos for all new users, see Customizing Amazon QuickSight in the Amazon QuickSight User Guide.\n

\n

You can create customizations for your Amazon Web Services account or, if you specify a namespace, for\n a QuickSight namespace instead. Customizations that apply to a namespace always override\n customizations that apply to an Amazon Web Services account. To find out which customizations apply, use\n the DescribeAccountCustomization API operation.

\n

Before you use the CreateAccountCustomization API operation to add a theme\n as the namespace default, make sure that you first share the theme with the namespace.\n If you don't share it with the namespace, the theme isn't visible to your users\n even if you make it the default theme.\n To check if the theme is shared, view the current permissions by using the\n \n DescribeThemePermissions\n \n API operation.\n To share the theme, grant permissions by using the\n \n UpdateThemePermissions\n \n API operation.

", "smithy.api#http": { "method": "POST", "uri": "/accounts/{AwsAccountId}/customizations", @@ -1346,6 +1403,177 @@ } } }, + "com.amazonaws.quicksight#CreateAccountSubscription": { + "type": "operation", + "input": { + "target": "com.amazonaws.quicksight#CreateAccountSubscriptionRequest" + }, + "output": { + "target": "com.amazonaws.quicksight#CreateAccountSubscriptionResponse" + }, + "errors": [ + { + "target": "com.amazonaws.quicksight#AccessDeniedException" + }, + { + "target": "com.amazonaws.quicksight#ConflictException" + }, + { + "target": "com.amazonaws.quicksight#InternalFailureException" + }, + { + "target": "com.amazonaws.quicksight#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.quicksight#PreconditionNotMetException" + }, + { + "target": "com.amazonaws.quicksight#ResourceExistsException" + }, + { + "target": "com.amazonaws.quicksight#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.quicksight#ResourceUnavailableException" + }, + { + "target": "com.amazonaws.quicksight#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "

Creates an Amazon QuickSight account, or subscribes to Amazon QuickSight Q.

\n\n

The Amazon Web Services Region for the account is derived from what is configured in the\n CLI or SDK. This operation isn't supported in the US East (Ohio) Region, South America (Sao Paulo) Region, or Asia\n Pacific (Singapore) Region.

\n\n

Before you use this operation, make sure that you can connect to an existing Amazon Web Services account. If you don't have an Amazon Web Services account, see Sign\n up for Amazon Web Services in the Amazon QuickSight User\n Guide. The person who signs up for Amazon QuickSight needs to have the\n correct Identity and Access Management (IAM) permissions. For more information,\n see IAM Policy Examples for Amazon QuickSight in the\n Amazon QuickSight User Guide.

\n\n

If your IAM policy includes both the Subscribe and\n CreateAccountSubscription actions, make sure that both actions are set\n to Allow. If either action is set to Deny, the\n Deny action prevails and your API call fails.

\n\n

You can't pass an existing IAM role to access other Amazon Web Services services using this API operation. To pass your existing IAM role to\n Amazon QuickSight, see Passing IAM roles to Amazon QuickSight in the\n Amazon QuickSight User Guide.

\n\n

You can't set default resource access on the new account from the Amazon QuickSight\n API. Instead, add default resource access from the Amazon QuickSight console. For more\n information about setting default resource access to Amazon Web Services services, see\n Setting default resource\n access to Amazon Web Services services in the Amazon QuickSight\n User Guide.

", + "smithy.api#http": { + "method": "POST", + "uri": "/account/{AwsAccountId}", + "code": 200 + } + } + }, + "com.amazonaws.quicksight#CreateAccountSubscriptionRequest": { + "type": "structure", + "members": { + "Edition": { + "target": "com.amazonaws.quicksight#Edition", + "traits": { + "smithy.api#documentation": "

The edition of Amazon QuickSight that you want your account to have. Currently, you can\n choose from ENTERPRISE or\n ENTERPRISE_AND_Q.

\n

If you choose ENTERPRISE_AND_Q, the following parameters are\n required:

\n ", + "smithy.api#required": {} + } + }, + "AuthenticationMethod": { + "target": "com.amazonaws.quicksight#AuthenticationMethodOption", + "traits": { + "smithy.api#documentation": "

The method that you want to use to authenticate your Amazon QuickSight account. Currently, the valid values for this parameter are IAM_AND_QUICKSIGHT, IAM_ONLY, and ACTIVE_DIRECTORY.

\n

If you choose ACTIVE_DIRECTORY, provide an ActiveDirectoryName\n and an AdminGroup associated with your Active Directory.

", + "smithy.api#required": {} + } + }, + "AwsAccountId": { + "target": "com.amazonaws.quicksight#AwsAccountId", + "traits": { + "smithy.api#documentation": "

The Amazon Web Services account ID of the account that you're using to create your Amazon QuickSight account.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "AccountName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The name of your Amazon QuickSight account. This name is unique over all of Amazon Web Services, and it appears only when users sign in. You can't change\n AccountName value after the Amazon QuickSight account is\n created.

", + "smithy.api#required": {} + } + }, + "NotificationEmail": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The email address that you want Amazon QuickSight to send notifications to regarding your Amazon QuickSight account or Amazon QuickSight subscription.

", + "smithy.api#required": {} + } + }, + "ActiveDirectoryName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The name of your Active Directory. This field is required if ACTIVE_DIRECTORY is the selected authentication method of the new Amazon QuickSight account.

" + } + }, + "Realm": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The realm of the Active Directory that is associated with your Amazon QuickSight account. This field is required if ACTIVE_DIRECTORY is the selected authentication method of the new Amazon QuickSight account.

" + } + }, + "DirectoryId": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The ID of the Active Directory that is associated with your Amazon QuickSight account.

" + } + }, + "AdminGroup": { + "target": "com.amazonaws.quicksight#GroupsList", + "traits": { + "smithy.api#documentation": "

The admin group associated with your Active Directory. This field is required if ACTIVE_DIRECTORY is the selected authentication method of the new Amazon QuickSight account. For more information about using\n Active Directory in Amazon QuickSight, see Using Active Directory with\n Amazon QuickSight Enterprise Edition in the Amazon QuickSight\n User Guide.

" + } + }, + "AuthorGroup": { + "target": "com.amazonaws.quicksight#GroupsList", + "traits": { + "smithy.api#documentation": "

The author group associated with your Active Directory. For more information about using\n Active Directory in Amazon QuickSight, see Using Active Directory with\n Amazon QuickSight Enterprise Edition in the Amazon QuickSight\n User Guide.

" + } + }, + "ReaderGroup": { + "target": "com.amazonaws.quicksight#GroupsList", + "traits": { + "smithy.api#documentation": "

The reader group associated with your Active Direcrtory. For more information about\n using Active Directory in Amazon QuickSight, see Using Active Directory with\n Amazon QuickSight Enterprise Edition in the Amazon QuickSight\n User Guide.

" + } + }, + "FirstName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The first name of the author of the Amazon QuickSight account to use for future\n communications. This field is required if ENTERPPRISE_AND_Q is the selected\n edition of the new Amazon QuickSight account.

" + } + }, + "LastName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The last name of the author of the Amazon QuickSight account to use for future\n communications. This field is required if ENTERPPRISE_AND_Q is the selected\n edition of the new Amazon QuickSight account.

" + } + }, + "EmailAddress": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The email address of the author of the Amazon QuickSight account to use for future\n communications. This field is required if ENTERPPRISE_AND_Q is the selected\n edition of the new Amazon QuickSight account.

" + } + }, + "ContactNumber": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

A 10-digit phone number for the author of the Amazon QuickSight account to use for\n future communications. This field is required if ENTERPPRISE_AND_Q is the\n selected edition of the new Amazon QuickSight account.

" + } + } + } + }, + "com.amazonaws.quicksight#CreateAccountSubscriptionResponse": { + "type": "structure", + "members": { + "SignupResponse": { + "target": "com.amazonaws.quicksight#SignupResponse", + "traits": { + "smithy.api#documentation": "

A SignupResponse object that returns information about a newly created Amazon QuickSight account.

" + } + }, + "Status": { + "target": "com.amazonaws.quicksight#StatusCode", + "traits": { + "smithy.api#documentation": "

The HTTP status of the request.

", + "smithy.api#httpResponseCode": {} + } + }, + "RequestId": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The Amazon Web Services request ID for this operation.

" + } + } + } + }, "com.amazonaws.quicksight#CreateAnalysis": { "type": "operation", "input": { @@ -6396,7 +6624,7 @@ "AccountSettings": { "target": "com.amazonaws.quicksight#AccountSettings", "traits": { - "smithy.api#documentation": "

The Amazon QuickSight settings for this Amazon Web Services account. This information includes the edition of Amazon\n Amazon QuickSight that you subscribed to (Standard or Enterprise) and the notification email for the\n Amazon QuickSight subscription. In the QuickSight console, the Amazon QuickSight subscription is sometimes\n referred to as a QuickSight \"account\" even though it's technically not an account\n by itself. Instead, it's a subscription to the Amazon QuickSight service for your Amazon Web Services account. The\n edition that you subscribe to applies to Amazon QuickSight in every Amazon Web Services Region where you use it.

" + "smithy.api#documentation": "

The Amazon QuickSight settings for this Amazon Web Services account. This information\n includes the edition of Amazon Amazon QuickSight that you subscribed to (Standard or\n Enterprise) and the notification email for the Amazon QuickSight subscription.

\n

In the QuickSight console, the Amazon QuickSight subscription is sometimes referred to\n as a QuickSight \"account\" even though it's technically not an account by\n itself. Instead, it's a subscription to the Amazon QuickSight service for your\n Amazon Web Services account. The edition that you subscribe to applies to Amazon QuickSight in every Amazon Web Services Region where you use it.

" } }, "RequestId": { @@ -6414,6 +6642,80 @@ } } }, + "com.amazonaws.quicksight#DescribeAccountSubscription": { + "type": "operation", + "input": { + "target": "com.amazonaws.quicksight#DescribeAccountSubscriptionRequest" + }, + "output": { + "target": "com.amazonaws.quicksight#DescribeAccountSubscriptionResponse" + }, + "errors": [ + { + "target": "com.amazonaws.quicksight#AccessDeniedException" + }, + { + "target": "com.amazonaws.quicksight#InternalFailureException" + }, + { + "target": "com.amazonaws.quicksight#InvalidParameterValueException" + }, + { + "target": "com.amazonaws.quicksight#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.quicksight#ResourceUnavailableException" + }, + { + "target": "com.amazonaws.quicksight#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "

Use the DescribeAccountSubscription operation to receive a description of a Amazon QuickSight account's subscription. A successful API call returns an AccountInfo object that includes an account's name, subscription status, authentication type, edition, and notification email address.

", + "smithy.api#http": { + "method": "GET", + "uri": "/account/{AwsAccountId}", + "code": 200 + } + } + }, + "com.amazonaws.quicksight#DescribeAccountSubscriptionRequest": { + "type": "structure", + "members": { + "AwsAccountId": { + "target": "com.amazonaws.quicksight#AwsAccountId", + "traits": { + "smithy.api#documentation": "

The Amazon Web Services account ID associated with your Amazon QuickSight account.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.quicksight#DescribeAccountSubscriptionResponse": { + "type": "structure", + "members": { + "AccountInfo": { + "target": "com.amazonaws.quicksight#AccountInfo", + "traits": { + "smithy.api#documentation": "

A structure that contains the following elements:

\n " + } + }, + "Status": { + "target": "com.amazonaws.quicksight#StatusCode", + "traits": { + "smithy.api#documentation": "

The HTTP status of the request.

", + "smithy.api#httpResponseCode": {} + } + }, + "RequestId": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The Amazon Web Services request ID for this operation.

" + } + } + } + }, "com.amazonaws.quicksight#DescribeAnalysis": { "type": "operation", "input": { @@ -8630,6 +8932,10 @@ { "value": "ENTERPRISE", "name": "ENTERPRISE" + }, + { + "value": "ENTERPRISE_AND_Q", + "name": "ENTERPRISE_AND_Q" } ] } @@ -9143,7 +9449,7 @@ } ], "traits": { - "smithy.api#documentation": "

Generates an embed URL that you can use to embed an Amazon QuickSight dashboard in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions.

\n

The following rules apply to the generated URL:

\n \n

For more information, see Embedded Analytics in the Amazon QuickSight User\n Guide.

\n

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", + "smithy.api#documentation": "

Generates an embed URL that you can use to embed an Amazon QuickSight dashboard in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions.

\n

The following rules apply to the generated URL:

\n \n

For more information, see Embedded Analytics in the Amazon QuickSight User\n Guide.

\n

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", "smithy.api#http": { "method": "POST", "uri": "/accounts/{AwsAccountId}/embed-url/anonymous-user", @@ -9178,22 +9484,28 @@ "SessionTags": { "target": "com.amazonaws.quicksight#SessionTagList", "traits": { - "smithy.api#documentation": "

The session tags used for row-level security. Before you use this parameter, make sure that\n you have configured the relevant datasets using the DataSet$RowLevelPermissionTagConfiguration parameter so that session tags can be used to provide row-level security.

\n

These are not the tags used for the Amazon Web Services resource tagging feature. For more information, see Using Row-Level Security (RLS) with Tags.

" + "smithy.api#documentation": "

The session tags used for row-level security. Before you use this parameter, make sure that you have configured the relevant datasets using the DataSet$RowLevelPermissionTagConfiguration parameter so that session tags can be used to provide row-level security.

\n

These are not the tags used for the Amazon Web Services resource tagging feature. For more information, see Using Row-Level Security (RLS) with Tagsin the Amazon QuickSight User Guide.

" } }, "AuthorizedResourceArns": { "target": "com.amazonaws.quicksight#ArnList", "traits": { - "smithy.api#documentation": "

The Amazon Resource Names for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session. If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view. Currently, you can pass up to 25 dashboard ARNs in each API call.

", + "smithy.api#documentation": "

The Amazon Resource Names (ARNs) for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session. If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view. Currently, you can pass up to 25 dashboard ARNs in each API call.

", "smithy.api#required": {} } }, "ExperienceConfiguration": { "target": "com.amazonaws.quicksight#AnonymousUserEmbeddingExperienceConfiguration", "traits": { - "smithy.api#documentation": "

The configuration of the experience you are embedding.

", + "smithy.api#documentation": "

The configuration of the experience that you are embedding.

", "smithy.api#required": {} } + }, + "AllowedDomains": { + "target": "com.amazonaws.quicksight#StringList", + "traits": { + "smithy.api#documentation": "

The domains that you want to add to the allow list for access to the generated URL that is then embedded. This optional parameter overrides the static domains that are configured in the Manage QuickSight menu in the Amazon QuickSight console and instead allows only the domains that you include in this parameter. You can list up to three domains or subdomains in each API call.

\n

To include a subdomain, use * to include all subdomains under a specific domain to the allow list. For example, https://*.sapp.amazon.com, includes all subdomains under https://sapp.amazon.com.

" + } } } }, @@ -9262,7 +9574,7 @@ } ], "traits": { - "smithy.api#documentation": "

Generates an embed URL that you can use to embed an Amazon QuickSight experience in your website. This action can be used for any type of user registered in an Amazon QuickSight account. Before you use this action, make sure that you have configured the relevant Amazon QuickSight resource and permissions.

\n

The following rules apply to the generated URL:

\n \n

For more information, see Embedded Analytics in the Amazon QuickSight User\n Guide.

\n

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", + "smithy.api#documentation": "

Generates an embed URL that you can use to embed an Amazon QuickSight experience in your website. This action can be used for any type of user registered in an Amazon QuickSight account. \n Before you use this action, make sure that you have configured the relevant Amazon QuickSight resource and permissions.

\n

The following rules apply to the generated URL:

\n \n

For more information, see Embedded Analytics in the Amazon QuickSight User\n Guide.

\n

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", "smithy.api#http": { "method": "POST", "uri": "/accounts/{AwsAccountId}/embed-url/registered-user", @@ -9300,6 +9612,12 @@ "smithy.api#documentation": "

The experience you are embedding. For registered users, you can embed Amazon QuickSight dashboards or the entire Amazon QuickSight console.

", "smithy.api#required": {} } + }, + "AllowedDomains": { + "target": "com.amazonaws.quicksight#StringList", + "traits": { + "smithy.api#documentation": "

The domains that you want to add to the allow list for access to the generated URL that is then embedded. This optional parameter overrides the static domains that are configured in the Manage QuickSight menu in the Amazon QuickSight console and instead allows only the domains that you include in this parameter. You can list up to three domains or subdomains in each API call.

\n

To include a subdomain, use * to include all subdomains under a specific domain to the allow list. For example, https://*.sapp.amazon.com, includes all subdomains under https://sapp.amazon.com.

" + } } } }, @@ -9452,7 +9770,7 @@ } ], "traits": { - "smithy.api#documentation": "

Generates a session URL and authorization code that you can use to embed an Amazon\n Amazon QuickSight read-only dashboard in your web server code. Before you use this command,\n make sure that you have configured the dashboards and permissions.

\n

Currently, you can use GetDashboardEmbedURL only from the server, not\n from the user's browser. The following rules apply to the combination of URL and\n authorization code:

\n \n

For more information, see Embedding Analytics Using GetDashboardEmbedUrl in the Amazon QuickSight User\n Guide.

\n

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", + "smithy.api#documentation": "

Generates a temporary session URL and authorization code that you can use to embed an Amazon QuickSight read-only dashboard in your website or application. Before you use this command, make sure that you have configured the dashboards and permissions.

\n

Currently, you can use GetDashboardEmbedURL only from the server, not from the user's browser. The following rules apply to the generated URL:

\n \n

For more information, see Embedding Analytics Using GetDashboardEmbedUrl in the Amazon QuickSight User\n Guide.

\n

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal.

", "smithy.api#http": { "method": "GET", "uri": "/accounts/{AwsAccountId}/dashboards/{DashboardId}/embed-url", @@ -9532,7 +9850,7 @@ "AdditionalDashboardIds": { "target": "com.amazonaws.quicksight#AdditionalDashboardIdList", "traits": { - "smithy.api#documentation": "

A list of one or more dashboard IDs that you want to add to a session that includes\n anonymous users. The IdentityType parameter must be set to\n ANONYMOUS for this to work, because other identity types authenticate\n as Amazon QuickSight or IAM users. For example, if you set \"--dashboard-id dash_id1\n --dashboard-id dash_id2 dash_id3 identity-type ANONYMOUS\", the session\n can access all three dashboards.

", + "smithy.api#documentation": "

A list of one or more dashboard IDs that you want anonymous users to have tempporary access to. Currently, the IdentityType parameter must be set to ANONYMOUS because other identity types authenticate as Amazon QuickSight or IAM users. For example, if you set \"--dashboard-id dash_id1 --dashboard-id dash_id2 dash_id3 identity-type ANONYMOUS\", the session can access all three dashboards.

", "smithy.api#httpQuery": "additional-dashboard-ids" } } @@ -9824,6 +10142,12 @@ } } }, + "com.amazonaws.quicksight#GroupsList": { + "type": "list", + "member": { + "target": "com.amazonaws.quicksight#String" + } + }, "com.amazonaws.quicksight#GutterStyle": { "type": "structure", "members": { @@ -13776,6 +14100,9 @@ { "target": "com.amazonaws.quicksight#CreateAccountCustomization" }, + { + "target": "com.amazonaws.quicksight#CreateAccountSubscription" + }, { "target": "com.amazonaws.quicksight#CreateAnalysis" }, @@ -13878,6 +14205,9 @@ { "target": "com.amazonaws.quicksight#DescribeAccountSettings" }, + { + "target": "com.amazonaws.quicksight#DescribeAccountSubscription" + }, { "target": "com.amazonaws.quicksight#DescribeAnalysis" }, @@ -14384,7 +14714,7 @@ "QSearchBar": { "target": "com.amazonaws.quicksight#RegisteredUserQSearchBarEmbeddingConfiguration", "traits": { - "smithy.api#documentation": "

The configuration details for embedding the Q search bar.

\n

For more information about embedding the Q search bar, see\n Embedding Overview.

" + "smithy.api#documentation": "

The configuration details for embedding the Q search bar.

\n

For more information about embedding the Q search bar, see Embedding Overview in\n the Amazon QuickSight User Guide.

" } } }, @@ -15614,6 +15944,38 @@ "smithy.api#documentation": "

The theme display options for sheets.

" } }, + "com.amazonaws.quicksight#SignupResponse": { + "type": "structure", + "members": { + "IAMUser": { + "target": "com.amazonaws.quicksight#Boolean", + "traits": { + "smithy.api#documentation": "

A Boolean that is TRUE if the Amazon QuickSight uses IAM as an\n authentication method.

" + } + }, + "userLoginName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The user login name for your Amazon QuickSight account.

" + } + }, + "accountName": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The name of your Amazon QuickSight account.

" + } + }, + "directoryType": { + "target": "com.amazonaws.quicksight#String", + "traits": { + "smithy.api#documentation": "

The type of Active Directory that is being used to authenticate the Amazon QuickSight\n account. Valid values are SIMPLE_AD, AD_CONNECTOR, and\n MICROSOFT_AD.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A SignupResponse object that contains a summary of a newly created account.

" + } + }, "com.amazonaws.quicksight#SiteBaseUrl": { "type": "string", "traits": { @@ -17126,7 +17488,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates Amazon QuickSight customizations the current Amazon Web Services Region. Currently, the only\n customization you can use is a theme.

\n

You can use customizations for your Amazon Web Services account or, if you specify a namespace, for a\n Amazon QuickSight namespace instead. Customizations that apply to a namespace override\n customizations that apply to an Amazon Web Services account. To find out which customizations apply, use\n the DescribeAccountCustomization API operation.

", + "smithy.api#documentation": "

Updates Amazon QuickSight customizations for the current Amazon Web Services Region. Currently, the only customization that you can use is a theme.

\n

You can use customizations for your Amazon Web Services account or, if you specify a namespace, for a\n Amazon QuickSight namespace instead. Customizations that apply to a namespace override\n customizations that apply to an Amazon Web Services account. To find out which customizations apply, use\n the DescribeAccountCustomization API operation.

", "smithy.api#http": { "method": "PUT", "uri": "/accounts/{AwsAccountId}/customizations", @@ -17254,7 +17616,7 @@ "DefaultNamespace": { "target": "com.amazonaws.quicksight#Namespace", "traits": { - "smithy.api#documentation": "

The default namespace for this Amazon Web Services account. Currently, the default is\n default. Identity and Access Management (IAM) users that register\n for the first time with Amazon QuickSight provide an email that becomes associated with the\n default namespace.

", + "smithy.api#documentation": "

The default namespace for this Amazon Web Services account. Currently, the default is\n default. Identity and Access Management (IAM) users that\n register for the first time with Amazon QuickSight provide an email address that becomes\n associated with the default namespace.\n

", "smithy.api#required": {} } }, @@ -18934,7 +19296,7 @@ } ], "traits": { - "smithy.api#documentation": "

Use the UpdatePublicSharingSettings operation to enable or disable the public sharing settings of an Amazon QuickSight dashboard.

\n

To use this operation, enable session capacity pricing on your Amazon QuickSight account.

\n

Before you can enable public sharing on your account, you need to allow public sharing permissions to an administrative user in the IAM console. For more information on using IAM with Amazon QuickSight, see Using Amazon QuickSight with IAM.

", + "smithy.api#documentation": "

Use the UpdatePublicSharingSettings operation to turn on or turn off the\n public sharing settings of an Amazon QuickSight dashboard.

\n

To use this operation, turn on session capacity pricing for your Amazon QuickSight\n account.

\n

Before you can turn on public sharing on your account, make sure to give public sharing\n permissions to an administrative user in the Identity and Access Management (IAM)\n console. For more information on using IAM with Amazon QuickSight, see\n Using Amazon QuickSight with IAM in the Amazon QuickSight\n User Guide.

", "smithy.api#http": { "method": "PUT", "uri": "/accounts/{AwsAccountId}/public-sharing-settings", @@ -18956,7 +19318,7 @@ "PublicSharingEnabled": { "target": "com.amazonaws.quicksight#Boolean", "traits": { - "smithy.api#documentation": "

A boolean that indicates whether or not public sharing is enabled on a Amazon QuickSight account.

" + "smithy.api#documentation": "

A Boolean value that indicates whether public sharing is turned on for an Amazon QuickSight account.

" } } } diff --git a/codegen/sdk-codegen/aws-models/rds.json b/codegen/sdk-codegen/aws-models/rds.json index ab8964c8bf9..54e215b89ac 100644 --- a/codegen/sdk-codegen/aws-models/rds.json +++ b/codegen/sdk-codegen/aws-models/rds.json @@ -1083,7 +1083,7 @@ } ], "traits": { - "smithy.api#documentation": "

Backtracks a DB cluster to a specific time, without creating a new DB cluster.

\n

For more information on backtracking, see \n \n Backtracking an Aurora DB Cluster in the \n Amazon Aurora User Guide.

\n \n

This action applies only to Aurora MySQL DB clusters.

\n " + "smithy.api#documentation": "

Backtracks a DB cluster to a specific time, without creating a new DB cluster.

\n

For more information on backtracking, see \n \n Backtracking an Aurora DB Cluster in the \n Amazon Aurora User Guide.

\n \n

This action only applies to Aurora MySQL DB clusters.

\n " } }, "com.amazonaws.rds#BacktrackDBClusterMessage": { @@ -1532,7 +1532,7 @@ } ], "traits": { - "smithy.api#documentation": "

Copies a snapshot of a DB cluster.

\n

To copy a DB cluster snapshot from a shared manual DB cluster snapshot, SourceDBClusterSnapshotIdentifier\n must be the Amazon Resource Name (ARN) of the shared DB cluster snapshot.

\n

You can copy an encrypted DB cluster snapshot from another Amazon Web Services Region. In that case,\n the Amazon Web Services Region where you call the CopyDBClusterSnapshot operation is the\n destination Amazon Web Services Region for the encrypted DB cluster snapshot to be copied to. To copy\n an encrypted DB cluster snapshot from another Amazon Web Services Region, you must provide the\n following values:

\n \n

To cancel the copy operation once it is in progress, delete the target DB cluster snapshot identified\n by TargetDBClusterSnapshotIdentifier while that DB cluster snapshot is in \"copying\" status.

\n

For more information on copying encrypted Amazon Aurora DB cluster snapshots from one Amazon Web Services Region to another, see \n \n Copying a Snapshot in the Amazon Aurora User Guide.

\n

For more information on Amazon Aurora DB clusters, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" + "smithy.api#documentation": "

Copies a snapshot of a DB cluster.

\n

To copy a DB cluster snapshot from a shared manual DB cluster snapshot, SourceDBClusterSnapshotIdentifier\n must be the Amazon Resource Name (ARN) of the shared DB cluster snapshot.

\n

You can copy an encrypted DB cluster snapshot from another Amazon Web Services Region. In that case, the Amazon Web Services Region where you call the CopyDBClusterSnapshot action \n is the destination Amazon Web Services Region for the encrypted DB cluster snapshot to be copied to. To copy an encrypted DB cluster snapshot from another Amazon Web Services Region, \n you must provide the following values:

\n \n

To cancel the copy operation once it is in progress, delete the target DB cluster snapshot identified\n by TargetDBClusterSnapshotIdentifier while that DB cluster snapshot is in \"copying\" status.

\n

For more information on copying encrypted Amazon Aurora DB cluster snapshots from one Amazon Web Services Region to another, see \n \n Copying a Snapshot in the Amazon Aurora User Guide.

\n

For more information on Amazon Aurora DB clusters, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" } }, "com.amazonaws.rds#CopyDBClusterSnapshotMessage": { @@ -1561,7 +1561,7 @@ "PreSignedUrl": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

When you are copying a DB cluster snapshot from one Amazon Web Services GovCloud (US) Region\n to another, the URL that contains a Signature Version 4 signed request for the\n CopyDBClusterSnapshot API operation in the Amazon Web Services Region that contains\n the source DB cluster snapshot to copy. Use the PreSignedUrl parameter when\n copying an encrypted DB cluster snapshot from another Amazon Web Services Region. Don't specify\n PreSignedUrl when copying an encrypted DB cluster snapshot in the same\n Amazon Web Services Region.

\n

This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other\n Amazon Web Services Regions.

\n

The presigned URL must be a valid request for the\n CopyDBClusterSnapshot API operation that can run in the source\n Amazon Web Services Region that contains the encrypted DB cluster snapshot to copy. The presigned URL request\n must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n \n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify\n SourceRegion (or --source-region for the CLI)\n instead of specifying PreSignedUrl manually. Specifying\n SourceRegion autogenerates a presigned URL that is a valid request\n for the operation that can run in the source Amazon Web Services Region.

\n " + "smithy.api#documentation": "

The URL that contains a Signature Version 4 signed request for the CopyDBClusterSnapshot API action in the Amazon Web Services Region that contains the \n source DB cluster snapshot to copy. The PreSignedUrl parameter must be used when copying an encrypted DB cluster snapshot from another Amazon Web Services Region. \n Don't specify PreSignedUrl when you are copying an encrypted DB cluster snapshot in the same Amazon Web Services Region.

\n

The pre-signed URL must be a valid request for the CopyDBClusterSnapshot API action that can be\n executed in the source Amazon Web Services Region that contains the encrypted DB cluster snapshot to be copied. \n The pre-signed URL request must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n\n \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n \n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) \n instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid \n request for the operation that can be executed in the source Amazon Web Services Region.

\n " } }, "CopyTags": { @@ -1678,7 +1678,7 @@ } ], "traits": { - "smithy.api#documentation": "

Copies the specified DB snapshot. The source DB snapshot must be in the available state.

\n

You can copy a snapshot from one Amazon Web Services Region to another. In that case, the\n Amazon Web Services Region where you call the CopyDBSnapshot operation is the destination\n Amazon Web Services Region for the DB snapshot copy.

\n

This command doesn't apply to RDS Custom.

\n

For more information about copying snapshots, see \n Copying a DB Snapshot in the Amazon RDS User Guide.

" + "smithy.api#documentation": "

Copies the specified DB snapshot. The source DB snapshot must be in the available state.

\n

You can copy a snapshot from one Amazon Web Services Region to another. In that case, the Amazon Web Services Region\n where you call the CopyDBSnapshot action is the destination Amazon Web Services Region for the\n DB snapshot copy.

\n

This command doesn't apply to RDS Custom.

\n

For more information about copying snapshots, see \n Copying a DB Snapshot in the Amazon RDS User Guide.

" } }, "com.amazonaws.rds#CopyDBSnapshotMessage": { @@ -1687,7 +1687,7 @@ "SourceDBSnapshotIdentifier": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The identifier for the source DB snapshot.

\n

If the source snapshot is in the same Amazon Web Services Region as the copy, specify a valid DB\n snapshot identifier. For example, you might specify\n rds:mysql-instance1-snapshot-20130805.

\n

If the source snapshot is in a different Amazon Web Services Region than the copy, specify a valid DB\n snapshot ARN. For example, you might specify\n arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805.

\n

If you are copying from a shared manual DB snapshot, \n this parameter must be the Amazon Resource Name (ARN) of the shared DB snapshot.

\n

If you are copying an encrypted snapshot this parameter must be in the ARN format for the source Amazon Web Services Region.

\n

Constraints:

\n \n

Example: rds:mydb-2012-04-02-00-01\n

\n

Example: arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805\n

", + "smithy.api#documentation": "

The identifier for the source DB snapshot.

\n

If the source snapshot is in the same Amazon Web Services Region as the copy, specify a valid DB\n snapshot identifier. For example, you might specify\n rds:mysql-instance1-snapshot-20130805.

\n

If the source snapshot is in a different Amazon Web Services Region than the copy, specify a valid DB\n snapshot ARN. For example, you might specify\n arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805.

\n

If you are copying from a shared manual DB snapshot, \n this parameter must be the Amazon Resource Name (ARN) of the shared DB snapshot.

\n

If you are copying an encrypted snapshot\n this parameter must be in the ARN format for the source Amazon Web Services Region, \n and must match the SourceDBSnapshotIdentifier in the PreSignedUrl parameter.

\n

Constraints:

\n \n

Example: rds:mydb-2012-04-02-00-01\n

\n

Example: arn:aws:rds:us-west-2:123456789012:snapshot:mysql-instance1-snapshot-20130805\n

", "smithy.api#required": {} } }, @@ -1716,7 +1716,7 @@ "PreSignedUrl": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

When you are copying a snapshot from one Amazon Web Services GovCloud (US) Region to another, \n the URL that contains a Signature Version 4 signed request for the CopyDBSnapshot API \n operation in the source Amazon Web Services Region that contains the source DB snapshot to copy.

\n

This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other\n Amazon Web Services Regions.

\n

You must specify this parameter when you copy an encrypted DB snapshot from another\n Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are \n copying an encrypted DB snapshot in the same Amazon Web Services Region.

\n

The presigned URL must be a valid request for the\n CopyDBClusterSnapshot API operation that can run in the source\n Amazon Web Services Region that contains the encrypted DB cluster snapshot to copy. The presigned URL request\n must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify\n SourceRegion (or --source-region for the CLI)\n instead of specifying PreSignedUrl manually. Specifying\n SourceRegion autogenerates a presigned URL that is a valid request\n for the operation that can run in the source Amazon Web Services Region.

\n " + "smithy.api#documentation": "

The URL that contains a Signature Version 4 signed request for the\n CopyDBSnapshot API action in the source Amazon Web Services Region that contains the\n source DB snapshot to copy.

\n

You must specify this parameter when you copy an encrypted DB snapshot from another\n Amazon Web Services Region by using the Amazon RDS API. Don't specify PreSignedUrl when you are \n copying an encrypted DB snapshot in the same Amazon Web Services Region.

\n

The presigned URL must be a valid request for the CopyDBSnapshot API action \n that can be executed in the source Amazon Web Services Region that contains the encrypted DB snapshot to be copied. \n The presigned URL request must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) \n instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid \n request for the operation that can be executed in the source Amazon Web Services Region.

\n " } }, "OptionGroupName": { @@ -1950,7 +1950,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.

\n

You can use the ReplicationSourceIdentifier parameter to create an Amazon\n Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or\n PostgreSQL DB instance.

\n

For more information on Amazon Aurora, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" + "smithy.api#documentation": "

Creates a new Amazon Aurora DB cluster or Multi-AZ DB cluster.

\n

You can use the ReplicationSourceIdentifier parameter to create an Amazon\n Aurora DB cluster as a read replica of another DB cluster or Amazon RDS MySQL or\n PostgreSQL DB instance. For cross-Region replication where the DB cluster identified by\n ReplicationSourceIdentifier is encrypted, also specify the\n PreSignedUrl parameter.

\n

For more information on Amazon Aurora, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" } }, "com.amazonaws.rds#CreateDBClusterEndpoint": { @@ -1982,7 +1982,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a new custom endpoint and associates it with an Amazon Aurora DB cluster.

\n \n

This action applies only to Aurora DB clusters.

\n " + "smithy.api#documentation": "

Creates a new custom endpoint and associates it with an Amazon Aurora DB cluster.

\n \n

This action only applies to Aurora DB clusters.

\n " } }, "com.amazonaws.rds#CreateDBClusterEndpointMessage": { @@ -2157,13 +2157,13 @@ "PreSignedUrl": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

When you are replicating a DB cluster from one Amazon Web Services GovCloud (US) Region to another,\n an URL that contains a Signature Version 4 signed request for the\n CreateDBCluster operation to be called in the source Amazon Web Services Region where\n the DB cluster is replicated from. Specify PreSignedUrl only when you are\n performing cross-Region replication from an encrypted DB cluster.

\n \n

The presigned URL must be a valid request for the CreateDBCluster API\n operation that can run in the source Amazon Web Services Region that contains the encrypted DB\n cluster to copy.

\n

The presigned URL request must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n \n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify\n SourceRegion (or --source-region for the CLI)\n instead of specifying PreSignedUrl manually. Specifying\n SourceRegion autogenerates a presigned URL that is a valid request\n for the operation that can run in the source Amazon Web Services Region.

\n \n

Valid for: Aurora DB clusters only

" + "smithy.api#documentation": "

A URL that contains a Signature Version 4 signed request for \n the CreateDBCluster action to be called in the source Amazon Web Services Region where the DB cluster is replicated from. \n Specify PreSignedUrl only when you are performing cross-Region replication from an encrypted DB cluster.

\n

The pre-signed URL must be a valid request for the CreateDBCluster API action \n that can be executed in the source Amazon Web Services Region that contains the encrypted DB cluster to be copied.

\n

The pre-signed URL request must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n \n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify SourceRegion (or --source-region for the CLI) \n instead of specifying PreSignedUrl manually. Specifying SourceRegion autogenerates a pre-signed URL that is a valid \n request for the operation that can be executed in the source Amazon Web Services Region.

\n \n

Valid for: Aurora DB clusters only

" } }, "EnableIAMDatabaseAuthentication": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access\n Management (IAM) accounts to database accounts. By default, mapping isn't\n enabled.

\n

For more information, see \n \n IAM Database Authentication in the Amazon Aurora User Guide.

\n

Valid for: Aurora DB clusters only

" + "smithy.api#documentation": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access\n Management (IAM) accounts to database accounts. By default, mapping isn't\n enabled.

\n

For more information, see \n \n IAM Database Authentication in the Amazon Aurora User Guide..

\n

Valid for: Aurora DB clusters only

" } }, "BacktrackWindow": { @@ -2181,7 +2181,7 @@ "EngineMode": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The DB engine mode of the DB cluster, either provisioned, serverless, \n parallelquery, global, or multimaster.

\n

The parallelquery engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, \n and version 2.09 and higher 2.x versions.

\n

The global engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, \n and global engine mode isn't required for any 2.x versions.

\n

The multimaster engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.

\n

The serverless engine mode only applies for Aurora Serverless v1 DB clusters.

\n

For Aurora PostgreSQL, the global engine mode isn't required, and both the parallelquery \n and the multimaster engine modes currently aren't supported.

\n

Limitations and requirements apply to some DB engine modes. For more information, see the \n following sections in the Amazon Aurora User Guide:

\n \n

Valid for: Aurora DB clusters only

" + "smithy.api#documentation": "

The DB engine mode of the DB cluster, either provisioned, serverless, \n parallelquery, global, or multimaster.

\n

The parallelquery engine mode isn't required for Aurora MySQL version 1.23 and higher 1.x versions, \n and version 2.09 and higher 2.x versions.

\n

The global engine mode isn't required for Aurora MySQL version 1.22 and higher 1.x versions, \n and global engine mode isn't required for any 2.x versions.

\n

The multimaster engine mode only applies for DB clusters created with Aurora MySQL version 5.6.10a.

\n

For Aurora PostgreSQL, the global engine mode isn't required, and both the parallelquery \n and the multimaster engine modes currently aren't supported.

\n

Limitations and requirements apply to some DB engine modes. For more information, see the \n following sections in the Amazon Aurora User Guide:

\n \n

Valid for: Aurora DB clusters only

" } }, "ScalingConfiguration": { @@ -2295,7 +2295,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

\n

Valid for: Multi-AZ DB clusters only

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

\n

Valid for: Multi-AZ DB clusters only

" } }, "ServerlessV2ScalingConfiguration": { @@ -2323,7 +2323,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a new DB cluster parameter group.

\n

Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.

\n

A DB cluster parameter group is initially created with the default parameters for the\n database engine used by instances in the DB cluster. To provide custom values for any of the\n parameters, you must modify the group after creating it using\n ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to\n associate it with your DB cluster using ModifyDBCluster.

\n

When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB\n instances in the DB cluster without failover for the new DB cluster parameter group and \n associated settings to take effect.

\n

When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB\n cluster without failover for the new DB cluster parameter group and associated settings to take effect.

\n \n

After you create a DB cluster parameter group, you should wait at least 5 minutes\n before creating your first DB cluster that uses that DB cluster parameter group as\n the default parameter group. This allows Amazon RDS to fully complete the create\n action before the DB cluster parameter group is used as the default for a new DB\n cluster. This is especially important for parameters that are critical when creating\n the default database for a DB cluster, such as the character set for the default\n database defined by the character_set_database parameter. You can use\n the Parameter Groups option of the Amazon RDS console or the\n DescribeDBClusterParameters operation to verify that your DB\n cluster parameter group has been created or modified.

\n \n

For more information on Amazon Aurora, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" + "smithy.api#documentation": "

Creates a new DB cluster parameter group.

\n

Parameters in a DB cluster parameter group apply to all of the instances in a DB cluster.

\n

A DB cluster parameter group is initially created with the default parameters for the\n database engine used by instances in the DB cluster. To provide custom values for any of the\n parameters, you must modify the group after creating it using\n ModifyDBClusterParameterGroup. Once you've created a DB cluster parameter group, you need to\n associate it with your DB cluster using ModifyDBCluster.

\n

When you associate a new DB cluster parameter group with a running Aurora DB cluster, reboot the DB\n instances in the DB cluster without failover for the new DB cluster parameter group and \n associated settings to take effect.

\n

When you associate a new DB cluster parameter group with a running Multi-AZ DB cluster, reboot the DB\n cluster without failover for the new DB cluster parameter group and associated settings to take effect.

\n \n

After you create a DB cluster parameter group, you should wait at least 5 minutes\n before creating your first DB cluster\n that uses that DB cluster parameter group as the default parameter \n group. This allows Amazon RDS to fully complete the create action before the DB cluster parameter \n group is used as the default for a new DB cluster. This is especially important for parameters \n that are critical when creating the default database for a DB cluster, such as the character set \n for the default database defined by the character_set_database parameter. You can use the \n Parameter Groups option of the Amazon RDS console or the \n DescribeDBClusterParameters action to verify \n that your DB cluster parameter group has been created or modified.

\n \n

For more information on Amazon Aurora, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" } }, "com.amazonaws.rds#CreateDBClusterParameterGroupMessage": { @@ -2513,7 +2513,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a new DB instance.

\n

The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster. \n For an Aurora DB cluster, you can call this operation multiple times to add more than one DB instance \n to the cluster.

\n

For more information about creating an RDS DB instance, see \n Creating an Amazon RDS DB instance in the Amazon RDS User Guide.

\n

For more information about creating a DB instance in an Aurora DB cluster, see \n \n Creating an Amazon Aurora DB cluster in the Amazon Aurora User Guide.

" + "smithy.api#documentation": "

Creates a new DB instance.

" } }, "com.amazonaws.rds#CreateDBInstanceMessage": { @@ -2541,7 +2541,7 @@ "DBInstanceClass": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The compute and memory capacity of the DB instance, for example db.m5.large.\n Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.\n For the full list of DB instance classes, and availability for your engine, see\n DB instance \n classes in the Amazon RDS User Guide or \n Aurora \n DB instance classes in the Amazon Aurora User Guide.

", + "smithy.api#documentation": "

The compute and memory capacity of the DB instance, for example db.m4.large.\n Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.\n For the full list of DB instance classes,\n and availability for your engine, see\n DB Instance Class in the Amazon RDS User Guide.

", "smithy.api#required": {} } }, @@ -2567,7 +2567,7 @@ "DBSecurityGroups": { "target": "com.amazonaws.rds#DBSecurityGroupNameList", "traits": { - "smithy.api#documentation": "

A list of DB security groups to associate with this DB instance.

\n

This setting applies to the legacy EC2-Classic platform, which is no longer used to create \n new DB instances. Use the VpcSecurityGroupIds setting instead.

" + "smithy.api#documentation": "

A list of DB security groups to associate with this DB instance.

\n

Default: The default DB security group for the database engine.

" } }, "VpcSecurityGroupIds": { @@ -2603,7 +2603,7 @@ "BackupRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days for which automated backups are retained. Setting this parameter to a positive number enables \n backups. Setting this parameter to 0 disables automated backups.

\n

\n Amazon Aurora\n

\n

Not applicable. The retention period for automated backups is managed by the DB cluster.

\n

Default: 1

\n

Constraints:

\n " + "smithy.api#documentation": "

The number of days for which automated backups are retained. Setting this parameter to a positive number enables \n backups. Setting this parameter to 0 disables automated backups.

\n

\n Amazon Aurora\n

\n

Not applicable. The retention period for automated backups is managed by the DB cluster.

\n

Default: 1

\n

Constraints:

\n " } }, "PreferredBackupWindow": { @@ -2621,13 +2621,13 @@ "MultiAZ": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "

A value that indicates whether the DB instance is a Multi-AZ deployment. You can't set \n the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. DB instance Availability Zones (AZs) are managed by the DB cluster.

" + "smithy.api#documentation": "

A value that indicates whether the DB instance is a Multi-AZ deployment. You can't set \n the AvailabilityZone parameter if the DB instance is a Multi-AZ deployment.

\n

This setting doesn't apply to RDS Custom.

" } }, "EngineVersion": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The version number of the database engine to use.

\n

For a list of valid engine versions, use the DescribeDBEngineVersions\n operation.

\n

The following are the database engines and links to information about the major and minor versions that are available with \n Amazon RDS. Not every database engine is available for every Amazon Web Services Region.

\n

\n Amazon Aurora\n

\n

Not applicable. The version number of the database engine to be used by the DB\n instance is managed by the DB cluster.

\n

\n Amazon RDS Custom for Oracle\n

\n

A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom for Oracle. The CEV \n name has the following format: 19.customized_string\n . An example identifier is \n 19.my_cev1. For more information, see \n Creating an RDS Custom for Oracle DB instance in the Amazon RDS User Guide.

\n

\n Amazon RDS Custom for SQL Server\n

\n

See RDS Custom for SQL Server general requirements \n in the Amazon RDS User Guide.

\n

\n MariaDB\n

\n

For information, see MariaDB on Amazon RDS Versions in the \n Amazon RDS User Guide.

\n

\n Microsoft SQL Server\n

\n

For information, see Microsoft SQL Server Versions on Amazon RDS in the \n Amazon RDS User Guide.

\n

\n MySQL\n

\n

For information, see MySQL on Amazon RDS Versions in the \n Amazon RDS User Guide.

\n

\n Oracle\n

\n

For information, see Oracle Database Engine Release Notes in the \n Amazon RDS User Guide.

\n

\n PostgreSQL\n

\n

For information, see Amazon RDS for PostgreSQL versions and extensions in the \n Amazon RDS User Guide.

" + "smithy.api#documentation": "

The version number of the database engine to use.

\n

For a list of valid engine versions, use the DescribeDBEngineVersions action.

\n

The following are the database engines and links to information about the major and minor versions that are available with \n Amazon RDS. Not every database engine is available for every Amazon Web Services Region.

\n

\n Amazon Aurora\n

\n

Not applicable. The version number of the database engine to be used by the DB\n instance is managed by the DB cluster.

\n

\n Amazon RDS Custom for Oracle\n

\n

A custom engine version (CEV) that you have previously created. This setting is required for RDS Custom for Oracle. The CEV \n name has the following format: 19.customized_string\n . An example identifier is \n 19.my_cev1. For more information, see \n Creating an RDS Custom for Oracle DB instance in the Amazon RDS User Guide.

\n

\n Amazon RDS Custom for SQL Server\n

\n

See RDS Custom for SQL Server general requirements \n in the Amazon RDS User Guide.

\n

\n MariaDB\n

\n

For information, see MariaDB on Amazon RDS Versions in the \n Amazon RDS User Guide.

\n

\n Microsoft SQL Server\n

\n

For information, see Microsoft SQL Server Versions on Amazon RDS in the \n Amazon RDS User Guide.

\n

\n MySQL\n

\n

For information, see MySQL on Amazon RDS Versions in the \n Amazon RDS User Guide.

\n

\n Oracle\n

\n

For information, see Oracle Database Engine Release Notes in the \n Amazon RDS User Guide.

\n

\n PostgreSQL\n

\n

For information, see Amazon RDS for PostgreSQL versions and extensions in the \n Amazon RDS User Guide.

" } }, "AutoMinorVersionUpgrade": { @@ -2639,19 +2639,19 @@ "LicenseModel": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

License model information for this DB instance.

\n

Valid values: license-included | bring-your-own-license | general-public-license\n

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable.

" + "smithy.api#documentation": "

License model information for this DB instance.

\n

Valid values: license-included | bring-your-own-license | general-public-license\n

\n

This setting doesn't apply to RDS Custom.

" } }, "Iops": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.\n For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.

\n

Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must be a multiple between .5 and 50 \n of the storage amount for the DB instance. For SQL Server DB instances, must be a multiple between 1 and 50 \n of the storage amount for the DB instance.

\n

\n Amazon Aurora\n

\n

Not applicable. Storage is managed by the DB cluster.

" + "smithy.api#documentation": "

The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for the DB instance.\n For information about valid Iops values, see Amazon RDS Provisioned IOPS storage to improve performance in the Amazon RDS User Guide.

\n

Constraints: For MariaDB, MySQL, Oracle, and PostgreSQL DB instances, must be a multiple between .5 and 50 \n of the storage amount for the DB instance. For SQL Server DB instances, must be a multiple between 1 and 50 \n of the storage amount for the DB instance.

" } }, "OptionGroupName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

A value that indicates that the DB instance should be associated with the specified option group.

\n

Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed \n from an option group. Also, that option group can't be removed from a DB instance after it is \n associated with a DB instance.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable.

" + "smithy.api#documentation": "

A value that indicates that the DB instance should be associated with the specified option group.

\n

Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed \n from an option group. Also, that option group can't be removed from a DB instance after it is \n associated with a DB instance.

\n

This setting doesn't apply to RDS Custom.

" } }, "CharacterSetName": { @@ -2687,13 +2687,13 @@ "StorageType": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

Specifies the storage type to be associated with the DB instance.

\n

Valid values: standard | gp2 | io1\n

\n

If you specify io1, you must also include a value for the\n Iops parameter.

\n

Default: io1 if the Iops parameter\n is specified, otherwise gp2\n

\n

\n Amazon Aurora\n

\n

Not applicable. Storage is managed by the DB cluster.

" + "smithy.api#documentation": "

Specifies the storage type to be associated with the DB instance.

\n

Valid values: standard | gp2 | io1\n

\n

If you specify io1, you must also include a value for the\n Iops parameter.

\n

Default: io1 if the Iops parameter\n is specified, otherwise gp2\n

" } }, "TdeCredentialArn": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The ARN from the key store with which to associate the instance for TDE encryption.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable.

" + "smithy.api#documentation": "

The ARN from the key store with which to associate the instance for TDE encryption.

\n

This setting doesn't apply to RDS Custom.

" } }, "TdeCredentialPassword": { @@ -2717,7 +2717,7 @@ "Domain": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL \n Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

\n

For more information, see \n Kerberos Authentication in the Amazon RDS User Guide.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. The domain is managed by the DB cluster.

" + "smithy.api#documentation": "

The Active Directory directory ID to create the DB instance in. Currently, only MySQL, Microsoft SQL \n Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.

\n

For more information, see \n Kerberos Authentication in the Amazon RDS User Guide.

\n

This setting doesn't apply to RDS Custom.

" } }, "CopyTagsToSnapshot": { @@ -2741,7 +2741,7 @@ "DomainIAMRoleName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. The domain is managed by the DB cluster.

" + "smithy.api#documentation": "

Specify the name of the IAM role to be used when making API calls to the Directory Service.

\n

This setting doesn't apply to RDS Custom.

" } }, "PromotionTier": { @@ -2759,7 +2759,7 @@ "EnableIAMDatabaseAuthentication": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management\n (IAM) accounts to database accounts. By default, mapping isn't enabled.

\n

For more information, see \n \n IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. Mapping Amazon Web Services IAM accounts to database accounts is managed by the DB cluster.

" + "smithy.api#documentation": "

A value that indicates whether to enable mapping of Amazon Web Services Identity and Access Management\n (IAM) accounts to database accounts. By default, mapping isn't enabled.

\n

This setting doesn't apply to RDS Custom or Amazon Aurora. In Aurora, mapping Amazon Web Services IAM accounts \n to database accounts is managed by the DB cluster.

\n

For more information, see \n \n IAM Database Authentication for MySQL and PostgreSQL in the Amazon RDS User Guide.

" } }, "EnablePerformanceInsights": { @@ -2777,7 +2777,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

\n

This setting doesn't apply to RDS Custom.

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

\n

This setting doesn't apply to RDS Custom.

" } }, "EnableCloudwatchLogsExports": { @@ -2789,7 +2789,7 @@ "ProcessorFeatures": { "target": "com.amazonaws.rds#ProcessorFeatureList", "traits": { - "smithy.api#documentation": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable.

" + "smithy.api#documentation": "

The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.

\n

This setting doesn't apply to RDS Custom.

" } }, "DeletionProtection": { @@ -2801,7 +2801,7 @@ "MaxAllocatedStorage": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

\n

For more information about this setting, including limitations that apply to it, see \n \n Managing capacity automatically with Amazon RDS storage autoscaling \n in the Amazon RDS User Guide.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. Storage is managed by the DB cluster.

" + "smithy.api#documentation": "

The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.

\n

For more information about this setting, including limitations that apply to it, see \n \n Managing capacity automatically with Amazon RDS storage autoscaling \n in the Amazon RDS User Guide.

\n

This setting doesn't apply to RDS Custom.

" } }, "EnableCustomerOwnedIp": { @@ -2904,7 +2904,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates a new DB instance that acts as a read replica for an existing source DB\n instance. You can create a read replica for a DB instance running MySQL, MariaDB,\n Oracle, PostgreSQL, or SQL Server. For more information, see Working with Read\n Replicas in the Amazon RDS User Guide.

\n

Amazon Aurora doesn't support this operation. Call the CreateDBInstance\n operation to create a DB instance for an Aurora DB cluster.

\n

All read replica DB instances are created with backups disabled. All other DB\n instance attributes (including DB security groups and DB parameter groups) are inherited\n from the source DB instance, except as specified.

\n \n

Your source DB instance must have backup retention enabled.

\n " + "smithy.api#documentation": "

Creates a new DB instance that acts as a read replica for an existing source DB\n instance. You can create a read replica for a DB instance running MySQL, MariaDB,\n Oracle, PostgreSQL, or SQL Server. For more information, see Working with Read\n Replicas in the Amazon RDS User Guide.

\n

Amazon Aurora doesn't support this action. Call the CreateDBInstance\n action to create a DB instance for an Aurora DB cluster.

\n

All read replica DB instances are created with backups disabled. All other DB\n instance attributes (including DB security groups and DB parameter groups) are inherited\n from the source DB instance, except as specified.

\n \n

Your source DB instance must have backup retention enabled.

\n " } }, "com.amazonaws.rds#CreateDBInstanceReadReplicaMessage": { @@ -2969,7 +2969,7 @@ "DBParameterGroupName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name of the DB parameter group to associate with this DB instance.

\n

If you do not specify a value for DBParameterGroupName, then Amazon RDS\n uses the DBParameterGroup of source DB instance for a same Region read\n replica, or the default DBParameterGroup for the specified DB engine for a\n cross-Region read replica.

\n

Specifying a parameter group for this operation is only supported for MySQL and Oracle DB instances. \n It isn't supported for RDS Custom.

\n

Constraints:

\n " + "smithy.api#documentation": "

The name of the DB parameter group to associate with this DB instance.

\n

If you do not specify a value for DBParameterGroupName, then Amazon RDS\n uses the DBParameterGroup of source DB instance for a same Region read\n replica, or the default DBParameterGroup for the specified DB engine for a\n cross-Region read replica.

\n

Specifying a parameter group for this operation is only supported for Oracle DB instances. It \n isn't supported for RDS Custom.

\n

Constraints:

\n " } }, "PubliclyAccessible": { @@ -3026,7 +3026,7 @@ "PreSignedUrl": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

When you are creating a read replica from one Amazon Web Services GovCloud (US) Region to another or\n from one China Amazon Web Services Region to another, the URL that contains a Signature Version 4\n signed request for the CreateDBInstanceReadReplica API operation in the\n source Amazon Web Services Region that contains the source DB instance.

\n

This setting applies only to Amazon Web Services GovCloud (US) Regions and \n China Amazon Web Services Regions. It's ignored in other Amazon Web Services Regions.

\n

You must specify this parameter when you create an encrypted read replica from\n another Amazon Web Services Region by using the Amazon RDS API. Don't specify\n PreSignedUrl when you are creating an encrypted read replica in the\n same Amazon Web Services Region.

\n

The presigned URL must be a valid request for the\n CreateDBInstanceReadReplica API operation that can run in the\n source Amazon Web Services Region that contains the encrypted source DB instance. The presigned URL\n request must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify\n SourceRegion (or --source-region for the CLI)\n instead of specifying PreSignedUrl manually. Specifying\n SourceRegion autogenerates a presigned URL that is a valid request\n for the operation that can run in the source Amazon Web Services Region.

\n

\n SourceRegion isn't supported for SQL Server, because Amazon RDS for SQL Server \n doesn't support cross-Region read replicas.

\n \n

This setting doesn't apply to RDS Custom.

" + "smithy.api#documentation": "

The URL that contains a Signature Version 4 signed request for the CreateDBInstanceReadReplica API action \n in the source Amazon Web Services Region that contains the source DB instance.

\n

You must specify this parameter when you create an encrypted read replica from\n another Amazon Web Services Region by using the Amazon RDS API. Don't specify\n PreSignedUrl when you are creating an encrypted read replica in the\n same Amazon Web Services Region.

\n

The presigned URL must be a valid request for the CreateDBInstanceReadReplica API action \n that can be executed in the source Amazon Web Services Region that contains the encrypted source DB instance. \n The presigned URL request must contain the following parameter values:

\n \n

To learn how to generate a Signature Version 4 signed request, see \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify\n SourceRegion (or --source-region for the CLI)\n instead of specifying PreSignedUrl manually. Specifying\n SourceRegion autogenerates a presigned URL that is a valid request\n for the operation that can be executed in the source Amazon Web Services Region.

\n

\n SourceRegion isn't supported for SQL Server, because SQL Server on Amazon RDS\n doesn't support cross-Region read replicas.

\n \n

This setting doesn't apply to RDS Custom.

" } }, "EnableIAMDatabaseAuthentication": { @@ -3050,7 +3050,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

\n \n

This setting doesn't apply to RDS Custom.

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

\n

This setting doesn't apply to RDS Custom.

" } }, "EnableCloudwatchLogsExports": { @@ -3601,7 +3601,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an RDS event notification subscription. This operation requires a topic Amazon\n Resource Name (ARN) created by either the RDS console, the SNS console, or the SNS API.\n To obtain an ARN with SNS, you must create a topic in Amazon SNS and subscribe to the\n topic. The ARN is displayed in the SNS console.

\n

You can specify the type of source (SourceType) that you want to be\n notified of and provide a list of RDS sources (SourceIds) that triggers the\n events. You can also provide a list of event categories (EventCategories)\n for events that you want to be notified of. For example, you can specify\n SourceType = db-instance, SourceIds =\n mydbinstance1, mydbinstance2 and\n EventCategories = Availability,\n Backup.

\n

If you specify both the SourceType and SourceIds, such as SourceType = db-instance\n and SourceIds = myDBInstance1, you are notified of all the db-instance events for\n the specified source. If you specify a SourceType but do not specify SourceIds,\n you receive notice of the events for that source type for all your RDS sources. If you\n don't specify either the SourceType or the SourceIds, you are notified of events\n generated from all RDS sources belonging to your customer account.

\n \n

RDS event notification is only available for unencrypted SNS topics. If you specify an \n encrypted SNS topic, event notifications aren't sent for the topic.

\n " + "smithy.api#documentation": "

Creates an RDS event notification subscription. This action requires a topic Amazon\n Resource Name (ARN) created by either the RDS console, the SNS console, or the SNS API.\n To obtain an ARN with SNS, you must create a topic in Amazon SNS and subscribe to the\n topic. The ARN is displayed in the SNS console.

\n

You can specify the type of source (SourceType) that you want to be\n notified of and provide a list of RDS sources (SourceIds) that triggers the\n events. You can also provide a list of event categories (EventCategories)\n for events that you want to be notified of. For example, you can specify\n SourceType = db-instance, SourceIds =\n mydbinstance1, mydbinstance2 and\n EventCategories = Availability,\n Backup.

\n

If you specify both the SourceType and SourceIds, such as SourceType = db-instance\n and SourceIds = myDBInstance1, you are notified of all the db-instance events for\n the specified source. If you specify a SourceType but do not specify SourceIds,\n you receive notice of the events for that source type for all your RDS sources. If you\n don't specify either the SourceType or the SourceIds, you are notified of events\n generated from all RDS sources belonging to your customer account.

\n \n

RDS event notification is only available for unencrypted SNS topics. If you specify an \n encrypted SNS topic, event notifications aren't sent for the topic.

\n " } }, "com.amazonaws.rds#CreateEventSubscriptionMessage": { @@ -3684,7 +3684,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an Aurora global database\n spread across multiple Amazon Web Services Regions. The global database\n contains a single primary cluster with read-write capability,\n and a read-only secondary cluster that receives\n data from the primary cluster through high-speed replication\n performed by the Aurora storage subsystem.

\n

You can create a global database that is initially empty, and then\n add a primary cluster and a secondary cluster to it.\n Or you can specify an existing Aurora cluster during the create operation,\n and this cluster becomes the primary cluster of the global database.

\n \n

This action applies only to Aurora DB clusters.

\n " + "smithy.api#documentation": "

Creates an Aurora global database\n spread across multiple Amazon Web Services Regions. The global database\n contains a single primary cluster with read-write capability,\n and a read-only secondary cluster that receives\n data from the primary cluster through high-speed replication\n performed by the Aurora storage subsystem.

\n

You can create a global database that is initially empty, and then\n add a primary cluster and a secondary cluster to it.\n Or you can specify an existing Aurora cluster during the create operation,\n and this cluster becomes the primary cluster of the global database.

\n \n

This action only applies to Aurora DB clusters.

\n " } }, "com.amazonaws.rds#CreateGlobalClusterMessage": { @@ -3723,7 +3723,7 @@ "DatabaseName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name for your database of up to 64 alphanumeric characters. If you do not provide\n a name, Amazon Aurora will not create a database in the global database cluster you are\n creating.

" + "smithy.api#documentation": "

The name for your database of up to 64 alpha-numeric characters. If you do not provide a name, Amazon\n Aurora will not create a database in the global database cluster you are creating.

" } }, "StorageEncrypted": { @@ -4325,7 +4325,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

This setting is only for non-Aurora Multi-AZ DB clusters.

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

\n

This setting is only for non-Aurora Multi-AZ DB clusters.

" } }, "ServerlessV2ScalingConfiguration": { @@ -5733,7 +5733,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n " + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

" } }, "EnabledCloudwatchLogsExports": { @@ -9073,6 +9073,134 @@ "outputToken": "Marker", "items": "DBClusters", "pageSize": "MaxRecords" + }, + "smithy.waiters#waitable": { + "DBClusterAvailable": { + "acceptors": [ + { + "state": "success", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "available", + "comparator": "allStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "deleted", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "deleting", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "failed", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "incompatible-restore", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "incompatible-parameters", + "comparator": "anyStringEquals" + } + } + } + ], + "minDelay": 30 + }, + "DBClusterDeleted": { + "acceptors": [ + { + "state": "success", + "matcher": { + "output": { + "path": "length(DBClusters) == `0`", + "expected": "true", + "comparator": "booleanEquals" + } + } + }, + { + "state": "success", + "matcher": { + "errorType": "DBClusterNotFoundFault" + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "creating", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "modifying", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "rebooting", + "comparator": "anyStringEquals" + } + } + }, + { + "state": "failure", + "matcher": { + "output": { + "path": "DBClusters[].Status", + "expected": "resetting-master-credentials", + "comparator": "anyStringEquals" + } + } + } + ], + "minDelay": 30 + } } } }, @@ -10581,7 +10709,7 @@ "target": "com.amazonaws.rds#EventsMessage" }, "traits": { - "smithy.api#documentation": "

Returns events related to DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, DB cluster snapshots, and RDS Proxies for the past 14 days. \n Events specific to a particular DB instance, DB cluster, DB parameter group, DB security group, DB snapshot, DB cluster snapshot group, or RDS Proxy can be \n obtained by providing the name as a parameter.

\n

For more information on working with events, see Monitoring Amazon RDS events in the Amazon RDS User Guide and Monitoring Amazon Aurora\n events in the Amazon Aurora User Guide.

\n \n

By default, RDS returns events that were generated in the past hour.

\n ", + "smithy.api#documentation": "

Returns events related to DB instances, DB clusters, DB parameter groups, DB security groups, DB snapshots, DB cluster snapshots, and RDS Proxies for the past 14 days. \n Events specific to a particular DB instance, DB cluster, DB parameter group, DB security group, DB snapshot, DB cluster snapshot group, or RDS Proxy can be \n obtained by providing the name as a parameter.

\n \n

By default, RDS returns events that were generated in the past hour.

\n ", "smithy.api#paginated": { "inputToken": "Marker", "outputToken": "Marker", @@ -11643,7 +11771,7 @@ } }, "traits": { - "smithy.api#documentation": "

This data type is used as a response element in the DescribeEvents action.

" + "smithy.api#documentation": "

This data type is used as a response element in the DescribeEvents action.

" } }, "com.amazonaws.rds#EventCategoriesList": { @@ -11672,7 +11800,7 @@ } }, "traits": { - "smithy.api#documentation": "

Contains the results of a successful invocation of the DescribeEventCategories\n operation.

" + "smithy.api#documentation": "

Contains the results of a successful invocation of the DescribeEventCategories operation.

" } }, "com.amazonaws.rds#EventCategoriesMapList": { @@ -12022,7 +12150,7 @@ } ], "traits": { - "smithy.api#documentation": "

Forces a failover for a DB cluster.

\n

For an Aurora DB cluster, failover for a DB cluster promotes one of the Aurora Replicas (read-only instances)\n in the DB cluster to be the primary DB instance (the cluster writer).

\n

For a Multi-AZ DB cluster, failover for a DB cluster promotes one of the readable standby DB instances (read-only instances)\n in the DB cluster to be the primary DB instance (the cluster writer).

\n

An Amazon Aurora DB cluster automatically fails over to an Aurora Replica, if one exists,\n when the primary DB instance fails. A Multi-AZ DB cluster automatically fails over to a readable standby \n DB instance when the primary DB instance fails.

\n

To simulate a failure of a primary instance for testing, you can force a failover. \n Because each instance in a DB cluster has its own endpoint address, make sure to clean up and re-establish any existing \n connections that use those endpoint addresses when the failover is complete.

\n

For more information on Amazon Aurora DB clusters, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" + "smithy.api#documentation": "

Forces a failover for a DB cluster.

\n

For an Aurora DB cluster, failover for a DB cluster promotes one of the Aurora Replicas (read-only instances)\n in the DB cluster to be the primary DB instance (the cluster writer).

\n

For a Multi-AZ DB cluster, failover for a DB cluster promotes one of the readable standby DB instances (read-only instances)\n in the DB cluster to be the primary DB instance (the cluster writer).

\n

An Amazon Aurora DB cluster automatically fails over to an Aurora Replica, if one exists,\n when the primary DB instance fails. A Multi-AZ DB cluster automatically fails over to a readbable standby \n DB instance when the primary DB instance fails.

\n

To simulate a failure of a primary instance for testing, you can force a failover. \n Because each instance in a DB cluster has its own endpoint address, make sure to clean up and re-establish any existing \n connections that use those endpoint addresses when the failover is complete.

\n

For more information on Amazon Aurora DB clusters, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.

" } }, "com.amazonaws.rds#FailoverDBClusterMessage": { @@ -13594,7 +13722,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

\n

Valid for: Multi-AZ DB clusters only

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

\n

Valid for: Multi-AZ DB clusters only

" } }, "ServerlessV2ScalingConfiguration": { @@ -13622,7 +13750,7 @@ } ], "traits": { - "smithy.api#documentation": "

Modifies the parameters of a DB cluster parameter group. To modify more than one parameter,\n submit a list of the following: ParameterName, ParameterValue, \n and ApplyMethod. A maximum of 20\n parameters can be modified in a single request.

\n \n

After you create a DB cluster parameter group, you should wait at least 5 minutes\n before creating your first DB cluster that uses that DB cluster parameter group as the default parameter \n group. This allows Amazon RDS to fully complete the create action before the parameter \n group is used as the default for a new DB cluster. This is especially important for parameters \n that are critical when creating the default database for a DB cluster, such as the character set \n for the default database defined by the character_set_database parameter. You can use the \n Parameter Groups option of the Amazon RDS console or the \n DescribeDBClusterParameters operation to verify \n that your DB cluster parameter group has been created or modified.

\n

If the modified DB cluster parameter group is used by an Aurora Serverless v1 cluster, Aurora\n applies the update immediately. The cluster restart might interrupt your workload. In that case,\n your application must reopen any connections and retry any transactions that were active\n when the parameter changes took effect.

\n \n

For more information on Amazon Aurora DB clusters, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.\n

" + "smithy.api#documentation": "

Modifies the parameters of a DB cluster parameter group. To modify more than one parameter,\n submit a list of the following: ParameterName, ParameterValue, \n and ApplyMethod. A maximum of 20\n parameters can be modified in a single request.

\n \n

After you create a DB cluster parameter group, you should wait at least 5 minutes\n before creating your first DB cluster that uses that DB cluster parameter group as the default parameter \n group. This allows Amazon RDS to fully complete the create action before the parameter \n group is used as the default for a new DB cluster. This is especially important for parameters \n that are critical when creating the default database for a DB cluster, such as the character set \n for the default database defined by the character_set_database parameter. You can use the \n Parameter Groups option of the Amazon RDS console or the \n DescribeDBClusterParameters action to verify \n that your DB cluster parameter group has been created or modified.

\n

If the modified DB cluster parameter group is used by an Aurora Serverless v1 cluster, Aurora\n applies the update immediately. The cluster restart might interrupt your workload. In that case,\n your application must reopen any connections and retry any transactions that were active\n when the parameter changes took effect.

\n \n

For more information on Amazon Aurora DB clusters, see \n \n What is Amazon Aurora? in the Amazon Aurora User Guide.

\n

For more information on Multi-AZ DB clusters, see \n \n Multi-AZ deployments with two readable standby DB instances in the Amazon RDS User Guide.\n

" } }, "com.amazonaws.rds#ModifyDBClusterParameterGroupMessage": { @@ -13675,7 +13803,7 @@ } ], "traits": { - "smithy.api#documentation": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot.

\n

To share a manual DB cluster snapshot with other Amazon Web Services accounts, specify\n restore as the AttributeName and use the\n ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are\n authorized to restore the manual DB cluster snapshot. Use the value all to\n make the manual DB cluster snapshot public, which means that it can be copied or\n restored by all Amazon Web Services accounts.

\n \n

Don't add the all value for any manual DB cluster snapshots\n that contain private information that you don't want available to all Amazon Web Services\n accounts.

\n \n

If a manual DB cluster snapshot is encrypted, it can be shared, but only by\n specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd\n parameter. You can't use all as a value for that parameter in this\n case.

\n

To view which Amazon Web Services accounts have access to copy or restore a manual DB cluster\n snapshot, or whether a manual DB cluster snapshot is public or private, use the DescribeDBClusterSnapshotAttributes API operation. The accounts are\n returned as values for the restore attribute.

" + "smithy.api#documentation": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB cluster snapshot.

\n

To share a manual DB cluster snapshot with other Amazon Web Services accounts, specify\n restore as the AttributeName and use the\n ValuesToAdd parameter to add a list of IDs of the Amazon Web Services accounts that are\n authorized to restore the manual DB cluster snapshot. Use the value all to\n make the manual DB cluster snapshot public, which means that it can be copied or\n restored by all Amazon Web Services accounts.

\n \n

Don't add the all value for any manual DB cluster snapshots\n that contain private information that you don't want available to all Amazon Web Services\n accounts.

\n \n

If a manual DB cluster snapshot is encrypted, it can be shared, but only by\n specifying a list of authorized Amazon Web Services account IDs for the ValuesToAdd\n parameter. You can't use all as a value for that parameter in this\n case.

\n

To view which Amazon Web Services accounts have access to copy or restore a manual DB cluster\n snapshot, or whether a manual DB cluster snapshot is public or private, use the DescribeDBClusterSnapshotAttributes API action. The accounts are\n returned as values for the restore attribute.

" } }, "com.amazonaws.rds#ModifyDBClusterSnapshotAttributeMessage": { @@ -13691,7 +13819,7 @@ "AttributeName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name of the DB cluster snapshot attribute to modify.

\n

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB cluster snapshot, \n set this value to restore.

\n \n

To view the list of attributes available to modify, use the\n DescribeDBClusterSnapshotAttributes API operation.

\n ", + "smithy.api#documentation": "

The name of the DB cluster snapshot attribute to modify.

\n

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB cluster snapshot, \n set this value to restore.

\n \n

To view the list of attributes available to modify, use the\n DescribeDBClusterSnapshotAttributes API action.

\n ", "smithy.api#required": {} } }, @@ -13813,7 +13941,7 @@ "DBInstanceClass": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The new compute and memory capacity of the DB instance, for example db.m5.large.\n Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.\n For the full list of DB instance classes, and availability for your engine, see\n DB instance \n classes in the Amazon RDS User Guide or \n Aurora \n DB instance classes in the Amazon Aurora User Guide.

\n

If you modify the DB instance class, an outage occurs during the change.\n The change is applied during the next maintenance window,\n unless ApplyImmediately is enabled for this request.

\n

This setting doesn't apply to RDS Custom for Oracle.

\n

Default: Uses existing setting

" + "smithy.api#documentation": "

The new compute and memory capacity of the DB instance, for example db.m4.large.\n Not all DB instance classes are available in all Amazon Web Services Regions, or for all database engines.\n For the full list of DB instance classes,\n and availability for your engine, see\n DB Instance Class in the Amazon RDS User Guide.

\n

If you modify the DB instance class, an outage occurs during the change.\n The change is applied during the next maintenance window,\n unless ApplyImmediately is enabled for this request.

\n

This setting doesn't apply to RDS Custom for Oracle.

\n

Default: Uses existing setting

" } }, "DBSubnetGroupName": { @@ -13843,7 +13971,7 @@ "MasterUserPassword": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The new password for the master user. The password can include any printable ASCII \n character except \"/\", \"\"\", or \"@\".

\n

Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. \n Between the time of the request and the completion of the request,\n the MasterUserPassword element exists in the\n PendingModifiedValues element of the operation response.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. The password for the master user is managed by the DB cluster. For\n more information, see ModifyDBCluster.

\n

Default: Uses existing setting

\n

\n MariaDB\n

\n

Constraints: Must contain from 8 to 41 characters.

\n

\n Microsoft SQL Server\n

\n

Constraints: Must contain from 8 to 128 characters.

\n

\n MySQL\n

\n

Constraints: Must contain from 8 to 41 characters.

\n

\n Oracle\n

\n

Constraints: Must contain from 8 to 30 characters.

\n

\n PostgreSQL\n

\n

Constraints: Must contain from 8 to 128 characters.

\n \n

Amazon RDS API operations never return the password, \n so this action provides a way to regain access to a primary instance user if the password is lost. \n This includes restoring privileges that might have been accidentally revoked.

\n " + "smithy.api#documentation": "

The new password for the master user. The password can include any printable ASCII \n character except \"/\", \"\"\", or \"@\".

\n

Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. \n Between the time of the request and the completion of the request,\n the MasterUserPassword element exists in the\n PendingModifiedValues element of the operation response.

\n

This setting doesn't apply to RDS Custom.

\n

\n Amazon Aurora\n

\n

Not applicable. The password for the master user is managed by the DB cluster. For\n more information, see ModifyDBCluster.

\n

Default: Uses existing setting

\n

\n MariaDB\n

\n

Constraints: Must contain from 8 to 41 characters.

\n

\n Microsoft SQL Server\n

\n

Constraints: Must contain from 8 to 128 characters.

\n

\n MySQL\n

\n

Constraints: Must contain from 8 to 41 characters.

\n

\n Oracle\n

\n

Constraints: Must contain from 8 to 30 characters.

\n

\n PostgreSQL\n

\n

Constraints: Must contain from 8 to 128 characters.

\n \n

Amazon RDS API actions never return the password, \n so this action provides a way to regain access to a primary instance user if the password is lost. \n This includes restoring privileges that might have been accidentally revoked.

\n " } }, "DBParameterGroupName": { @@ -13855,7 +13983,7 @@ "BackupRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain automated backups. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.

\n \n

Enabling and disabling backups can result in a brief I/O suspension that lasts from a few seconds to a few minutes, depending on the size and class of your DB instance.

\n \n

These changes are applied during the next maintenance window unless the ApplyImmediately parameter is enabled\n for this request. If you change the parameter from one non-zero value to another non-zero value, the change is asynchronously\n applied as soon as possible.

\n

\n Amazon Aurora\n

\n

Not applicable. The retention period for automated backups is managed by the DB\n cluster. For more information, see ModifyDBCluster.

\n

Default: Uses existing setting

\n

Constraints:

\n " + "smithy.api#documentation": "

The number of days to retain automated backups. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.

\n \n

Enabling and disabling backups can result in a brief I/O suspension that lasts from a few seconds to a few minutes, depending on the size and class of your DB instance.

\n \n

These changes are applied during the next maintenance window unless the ApplyImmediately parameter is enabled\n for this request. If you change the parameter from one non-zero value to another non-zero value, the change is asynchronously\n applied as soon as possible.

\n

\n Amazon Aurora\n

\n

Not applicable. The retention period for automated backups is managed by the DB\n cluster. For more information, see ModifyDBCluster.

\n

Default: Uses existing setting

\n

Constraints:

\n " } }, "PreferredBackupWindow": { @@ -13999,7 +14127,7 @@ "EnablePerformanceInsights": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "

A value that indicates whether to enable Performance Insights for the DB instance.

\n

For more information, see \n Using Amazon Performance Insights in the Amazon RDS User Guide.

\n

This setting doesn't apply to RDS Custom.

" + "smithy.api#documentation": "

A value that indicates whether to enable Performance Insights for the DB instance.

\n

For more information, see \n Using Amazon Performance Insights in the Amazon RDS User Guide..

\n

This setting doesn't apply to RDS Custom.

" } }, "PerformanceInsightsKMSKeyId": { @@ -14011,7 +14139,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

\n

This setting doesn't apply to RDS Custom.

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

\n

This setting doesn't apply to RDS Custom.

" } }, "CloudwatchLogsExportConfiguration": { @@ -14319,14 +14447,14 @@ "TargetGroupName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name of the target group to modify.

", + "smithy.api#documentation": "

The name of the new target group to assign to the proxy.

", "smithy.api#required": {} } }, "DBProxyName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name of the proxy.

", + "smithy.api#documentation": "

The name of the new proxy to which to assign the target group.

", "smithy.api#required": {} } }, @@ -14392,7 +14520,7 @@ } ], "traits": { - "smithy.api#documentation": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB snapshot.

\n

To share a manual DB snapshot with other Amazon Web Services accounts, specify restore\n as the AttributeName and use the ValuesToAdd parameter to add\n a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB snapshot.\n Uses the value all to make the manual DB snapshot public, which means it\n can be copied or restored by all Amazon Web Services accounts.

\n \n

Don't add the all value for any manual DB snapshots that\n contain private information that you don't want available to all Amazon Web Services\n accounts.

\n \n

If the manual DB snapshot is encrypted, it can be shared, but only by specifying a\n list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You\n can't use all as a value for that parameter in this case.

\n

To view which Amazon Web Services accounts have access to copy or restore a manual DB snapshot, or\n whether a manual DB snapshot public or private, use the DescribeDBSnapshotAttributes API operation. The accounts are returned as\n values for the restore attribute.

" + "smithy.api#documentation": "

Adds an attribute and values to, or removes an attribute and values from, a manual DB snapshot.

\n

To share a manual DB snapshot with other Amazon Web Services accounts, specify restore\n as the AttributeName and use the ValuesToAdd parameter to add\n a list of IDs of the Amazon Web Services accounts that are authorized to restore the manual DB snapshot.\n Uses the value all to make the manual DB snapshot public, which means it\n can be copied or restored by all Amazon Web Services accounts.

\n \n

Don't add the all value for any manual DB snapshots that\n contain private information that you don't want available to all Amazon Web Services\n accounts.

\n \n

If the manual DB snapshot is encrypted, it can be shared, but only by specifying a\n list of authorized Amazon Web Services account IDs for the ValuesToAdd parameter. You\n can't use all as a value for that parameter in this case.

\n

To view which Amazon Web Services accounts have access to copy or restore a manual DB snapshot, or\n whether a manual DB snapshot public or private, use the DescribeDBSnapshotAttributes API action. The accounts are returned as\n values for the restore attribute.

" } }, "com.amazonaws.rds#ModifyDBSnapshotAttributeMessage": { @@ -14408,7 +14536,7 @@ "AttributeName": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name of the DB snapshot attribute to modify.

\n

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB snapshot, \n set this value to restore.

\n \n

To view the list of attributes available to modify, use the\n DescribeDBSnapshotAttributes API operation.

\n ", + "smithy.api#documentation": "

The name of the DB snapshot attribute to modify.

\n

To manage authorization for other Amazon Web Services accounts to copy or restore a manual DB snapshot, \n set this value to restore.

\n \n

To view the list of attributes available to modify, use the\n DescribeDBSnapshotAttributes API action.

\n ", "smithy.api#required": {} } }, @@ -17204,14 +17332,14 @@ "Engine": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The name of the database engine to be used for this DB cluster.

\n

Valid Values: aurora (for MySQL 5.6-compatible Aurora) and aurora-mysql \n (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora)

", + "smithy.api#documentation": "

The name of the database engine to be used for this DB cluster.

\n

Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), and aurora-postgresql\n

", "smithy.api#required": {} } }, "EngineVersion": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The version number of the database engine to use.

\n

To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:

\n

\n aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"\n

\n

To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command:

\n

\n aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"\n

\n

\n Aurora MySQL\n

\n

Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.mysql_aurora.2.07.1,\n 8.0.mysql_aurora.3.02.0\n

" + "smithy.api#documentation": "

The version number of the database engine to use.

\n

To list all of the available engine versions for aurora (for MySQL 5.6-compatible Aurora), use the following command:

\n

\n aws rds describe-db-engine-versions --engine aurora --query \"DBEngineVersions[].EngineVersion\"\n

\n

To list all of the available engine versions for aurora-mysql (for MySQL 5.7-compatible and MySQL 8.0-compatible Aurora), use the following command:

\n

\n aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"\n

\n

To list all of the available engine versions for aurora-postgresql, use the following command:

\n

\n aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"\n

\n

\n Aurora MySQL\n

\n

Example: 5.6.10a, 5.6.mysql_aurora.1.19.2, 5.7.12, 5.7.mysql_aurora.2.04.5, 8.0.mysql_aurora.3.01.0\n

\n

\n Aurora PostgreSQL\n

\n

Example: 9.6.3, 10.7\n

" } }, "Port": { @@ -17514,7 +17642,7 @@ "EnableCloudwatchLogsExports": { "target": "com.amazonaws.rds#LogTypeList", "traits": { - "smithy.api#documentation": "

The list of logs that the restored DB cluster is to export to Amazon CloudWatch Logs.\n The values in the list depend on the DB engine being used.

\n

\n RDS for MySQL\n

\n

Possible values are error, general, and slowquery.

\n

\n RDS for PostgreSQL\n

\n

Possible values are postgresql and upgrade.

\n

\n Aurora MySQL\n

\n

Possible values are audit, error, general, and slowquery.

\n

\n Aurora PostgreSQL\n

\n

Possible value is postgresql.

\n

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

\n

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

\n

Valid for: Aurora DB clusters and Multi-AZ DB clusters

" + "smithy.api#documentation": "

The list of logs that the restored DB cluster is to export to Amazon CloudWatch Logs.\n The values in the list depend on the DB engine being used.

\n

\n RDS for MySQL\n

\n

Possible values are error, general, and slowquery.

\n

\n RDS for PostgreSQL\n

\n

Possible values are postgresql and upgrade.

\n

\n Aurora MySQL\n

\n

Possible values are audit, error, general, and slowquery.

\n

\n Aurora PostgreSQL\n

\n

Possible value is postgresql.

\n

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide..

\n

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

\n

Valid for: Aurora DB clusters and Multi-AZ DB clusters

" } }, "EngineMode": { @@ -17750,7 +17878,7 @@ "EnableCloudwatchLogsExports": { "target": "com.amazonaws.rds#LogTypeList", "traits": { - "smithy.api#documentation": "

The list of logs that the restored DB cluster is to export to CloudWatch Logs. The values\n in the list depend on the DB engine being used.

\n

\n RDS for MySQL\n

\n

Possible values are error, general, and slowquery.

\n

\n RDS for PostgreSQL\n

\n

Possible values are postgresql and upgrade.

\n

\n Aurora MySQL\n

\n

Possible values are audit, error, general, and slowquery.

\n

\n Aurora PostgreSQL\n

\n

Possible value is postgresql.

\n

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide.

\n

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

\n

Valid for: Aurora DB clusters and Multi-AZ DB clusters

" + "smithy.api#documentation": "

The list of logs that the restored DB cluster is to export to CloudWatch Logs. The values\n in the list depend on the DB engine being used.

\n

\n RDS for MySQL\n

\n

Possible values are error, general, and slowquery.

\n

\n RDS for PostgreSQL\n

\n

Possible values are postgresql and upgrade.

\n

\n Aurora MySQL\n

\n

Possible values are audit, error, general, and slowquery.

\n

\n Aurora PostgreSQL\n

\n

Possible value is postgresql.

\n

For more information about exporting CloudWatch Logs for Amazon RDS, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon RDS User Guide..

\n

For more information about exporting CloudWatch Logs for Amazon Aurora, see Publishing Database Logs to Amazon CloudWatch Logs in the Amazon Aurora User Guide.

\n

Valid for: Aurora DB clusters and Multi-AZ DB clusters

" } }, "DBClusterParameterGroupName": { @@ -18416,7 +18544,7 @@ "EnablePerformanceInsights": { "target": "com.amazonaws.rds#BooleanOptional", "traits": { - "smithy.api#documentation": "

A value that indicates whether to enable Performance Insights for the DB instance.

\n

For more information, see \n Using Amazon Performance Insights in the Amazon RDS User Guide.

" + "smithy.api#documentation": "

A value that indicates whether to enable Performance Insights for the DB instance.

\n

For more information, see \n Using Amazon Performance Insights in the Amazon RDS User Guide..

" } }, "PerformanceInsightsKMSKeyId": { @@ -18428,7 +18556,7 @@ "PerformanceInsightsRetentionPeriod": { "target": "com.amazonaws.rds#IntegerOptional", "traits": { - "smithy.api#documentation": "

The number of days to retain Performance Insights data. The default is 7 days. The following values are valid:

\n \n

For example, the following values are valid:

\n \n

If you specify a retention period such as 94, which isn't a valid value, RDS issues an error.

" + "smithy.api#documentation": "

The amount of time, in days, to retain Performance Insights data. Valid values are 7 or 731 (2 years).

" } }, "EnableCloudwatchLogsExports": { @@ -19480,7 +19608,7 @@ "PreSignedUrl": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

In an Amazon Web Services GovCloud (US) Region, an URL that contains a Signature Version 4 signed request \n for the StartDBInstanceAutomatedBackupsReplication operation to call \n in the Amazon Web Services Region of the source DB instance. The presigned URL must be a valid request for the\n StartDBInstanceAutomatedBackupsReplication API operation that can run in \n the Amazon Web Services Region that contains the source DB instance.

\n

This setting applies only to Amazon Web Services GovCloud (US) Regions. It's ignored in other\n Amazon Web Services Regions.

\n

To learn how to generate a Signature Version 4 signed request, see \n \n Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4) and\n \n Signature Version 4 Signing Process.

\n \n

If you are using an Amazon Web Services SDK tool or the CLI, you can specify\n SourceRegion (or --source-region for the CLI)\n instead of specifying PreSignedUrl manually. Specifying\n SourceRegion autogenerates a presigned URL that is a valid request\n for the operation that can run in the source Amazon Web Services Region.

\n " + "smithy.api#documentation": "

A URL that contains a Signature Version 4 signed request for the StartDBInstanceAutomatedBackupsReplication action to be \n called in the Amazon Web Services Region of the source DB instance. The presigned URL must be a valid request for the\n StartDBInstanceAutomatedBackupsReplication API action that can be executed in the Amazon Web Services Region that contains\n the source DB instance.

" } } } @@ -19765,7 +19893,7 @@ } ], "traits": { - "smithy.api#documentation": "

Stops automated backup replication for a DB instance.

\n

This command doesn't apply to RDS Custom, Aurora MySQL, and Aurora PostgreSQL.

\n

For more information, see \n Replicating Automated Backups to Another Amazon Web Services Region in the Amazon RDS User Guide.\n

" + "smithy.api#documentation": "

Stops automated backup replication for a DB instance.

\n

This command doesn't apply to RDS Custom.

\n

For more information, see \n Replicating Automated Backups to Another Amazon Web Services Region in the Amazon RDS User Guide.\n

" } }, "com.amazonaws.rds#StopDBInstanceAutomatedBackupsReplicationMessage": { @@ -20432,7 +20560,7 @@ "Status": { "target": "com.amazonaws.rds#String", "traits": { - "smithy.api#documentation": "

The membership status of the VPC security group.

\n

Currently, the only valid status is active.

" + "smithy.api#documentation": "

The status of the VPC security group.

" } } }, diff --git a/codegen/sdk-codegen/aws-models/rolesanywhere.json b/codegen/sdk-codegen/aws-models/rolesanywhere.json new file mode 100644 index 00000000000..e9994149013 --- /dev/null +++ b/codegen/sdk-codegen/aws-models/rolesanywhere.json @@ -0,0 +1,2056 @@ +{ + "smithy": "1.0", + "shapes": { + "com.amazonaws.rolesanywhere#AccessDeniedException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

You do not have sufficient access to perform this action.

", + "smithy.api#error": "client", + "smithy.api#httpError": 403 + } + }, + "com.amazonaws.rolesanywhere#AmazonResourceName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1011 + } + } + }, + "com.amazonaws.rolesanywhere#CreateProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#CreateProfileRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ProfileDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Creates a profile. A profile is configuration resource to list the roles that RolesAnywhere service is trusted to assume. In addition, by applying a profile you can intersect permissions with IAM managed policies.

\n

\n Required permissions: \n rolesanywhere:CreateProfile. \n

", + "smithy.api#http": { + "uri": "/profiles", + "method": "POST", + "code": 201 + } + } + }, + "com.amazonaws.rolesanywhere#CreateProfileRequest": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the profile.

", + "smithy.api#required": {} + } + }, + "requireInstanceProperties": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Specifies whether instance properties are required in CreateSession requests with this profile.

" + } + }, + "sessionPolicy": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A session policy that applies to the trust boundary of the vended session credentials.

" + } + }, + "roleArns": { + "target": "com.amazonaws.rolesanywhere#RoleArnList", + "traits": { + "smithy.api#documentation": "

A list of IAM roles that this profile can assume in a CreateSession operation.

", + "smithy.api#required": {} + } + }, + "managedPolicyArns": { + "target": "com.amazonaws.rolesanywhere#ManagedPolicyList", + "traits": { + "smithy.api#documentation": "

A list of managed policy ARNs that apply to the vended session credentials.

" + } + }, + "durationSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

The number of seconds the vended session credentials are valid for.

", + "smithy.api#range": { + "min": 900, + "max": 43200 + } + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Specifies whether the profile is enabled.

" + } + }, + "tags": { + "target": "com.amazonaws.rolesanywhere#TagList", + "traits": { + "smithy.api#documentation": "

The tags to attach to the profile.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#CreateTrustAnchor": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#CreateTrustAnchorRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Creates a trust anchor. You establish trust between IAM Roles Anywhere and your certificate authority (CA) by configuring a trust anchor. A Trust Anchor is defined either as a reference to a AWS Certificate Manager Private Certificate Authority (ACM PCA), or by uploading a Certificate Authority (CA) certificate. Your AWS workloads can authenticate with the trust anchor using certificates issued by the trusted Certificate Authority (CA) in exchange for temporary AWS credentials.

\n

\n Required permissions: \n rolesanywhere:CreateTrustAnchor. \n

", + "smithy.api#http": { + "uri": "/trustanchors", + "method": "POST", + "code": 201 + } + } + }, + "com.amazonaws.rolesanywhere#CreateTrustAnchorRequest": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the trust anchor.

", + "smithy.api#required": {} + } + }, + "source": { + "target": "com.amazonaws.rolesanywhere#Source", + "traits": { + "smithy.api#documentation": "

The trust anchor type and its related certificate data.

", + "smithy.api#required": {} + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Specifies whether the trust anchor is enabled.

" + } + }, + "tags": { + "target": "com.amazonaws.rolesanywhere#TagList", + "traits": { + "smithy.api#documentation": "

The tags to attach to the trust anchor.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#CredentialSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#CredentialSummary" + } + }, + "com.amazonaws.rolesanywhere#CredentialSummary": { + "type": "structure", + "members": { + "seenAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 time stamp of when the certificate was last used in a CreateSession operation.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "serialNumber": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The serial number of the certificate.

" + } + }, + "issuer": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The fully qualified domain name of the issuing certificate for the presented end-entity certificate.

" + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the credential is enabled.

" + } + }, + "x509CertificateData": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The PEM-encoded data of the certificate.

" + } + }, + "failed": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the CreateSession operation was successful.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A record of a presented X509 credential to CreateSession.

" + } + }, + "com.amazonaws.rolesanywhere#Crl": { + "type": "resource", + "identifiers": { + "crlId": { + "target": "com.amazonaws.rolesanywhere#Uuid" + } + }, + "create": { + "target": "com.amazonaws.rolesanywhere#ImportCrl" + }, + "read": { + "target": "com.amazonaws.rolesanywhere#GetCrl" + }, + "update": { + "target": "com.amazonaws.rolesanywhere#UpdateCrl" + }, + "delete": { + "target": "com.amazonaws.rolesanywhere#DeleteCrl" + }, + "list": { + "target": "com.amazonaws.rolesanywhere#ListCrls" + }, + "operations": [ + { + "target": "com.amazonaws.rolesanywhere#DisableCrl" + }, + { + "target": "com.amazonaws.rolesanywhere#EnableCrl" + } + ] + }, + "com.amazonaws.rolesanywhere#CrlDetail": { + "type": "structure", + "members": { + "crlId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the certificate revocation list (CRL).

" + } + }, + "crlArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ARN of the certificate revocation list (CRL).

" + } + }, + "name": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The name of the certificate revocation list (CRL).

" + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the certificate revocation list (CRL) is enabled.

" + } + }, + "crlData": { + "target": "smithy.api#Blob", + "traits": { + "smithy.api#documentation": "

The state of the certificate revocation list (CRL) after a read or write operation.

" + } + }, + "trustAnchorArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

" + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the certificate revocation list (CRL) was created.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the certificate revocation list (CRL) was last updated.

", + "smithy.api#timestampFormat": "date-time" + } + } + }, + "traits": { + "smithy.api#documentation": "

The state of the certificate revocation list (CRL) after a read or write operation.

" + } + }, + "com.amazonaws.rolesanywhere#CrlDetailResponse": { + "type": "structure", + "members": { + "crl": { + "target": "com.amazonaws.rolesanywhere#CrlDetail", + "traits": { + "smithy.api#documentation": "

The state of the certificate revocation list (CRL) after a read or write operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#CrlDetails": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#CrlDetail" + } + }, + "com.amazonaws.rolesanywhere#DeleteCrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarCrlRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#CrlDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Deletes a certificate revocation list (CRL).

\n

\n Required permissions: \n rolesanywhere:DeleteCrl. \n

", + "smithy.api#http": { + "uri": "/crl/{crlId}", + "method": "DELETE" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.rolesanywhere#DeleteProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarProfileRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ProfileDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Deletes a profile.

\n

\n Required permissions: \n rolesanywhere:DeleteProfile. \n

", + "smithy.api#http": { + "uri": "/profile/{profileId}", + "method": "DELETE" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.rolesanywhere#DeleteTrustAnchor": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarTrustAnchorRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Deletes a trust anchor.

\n

\n Required permissions: \n rolesanywhere:DeleteTrustAnchor. \n

", + "smithy.api#http": { + "uri": "/trustanchor/{trustAnchorId}", + "method": "DELETE" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.rolesanywhere#DisableCrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarCrlRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#CrlDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Disables a certificate revocation list (CRL).

\n

\n Required permissions: \n rolesanywhere:DisableCrl. \n

", + "smithy.api#http": { + "uri": "/crl/{crlId}/disable", + "method": "POST" + } + } + }, + "com.amazonaws.rolesanywhere#DisableProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarProfileRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ProfileDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Disables a profile. When disabled, CreateSession requests with this profile fail.

\n

\n Required permissions: \n rolesanywhere:DisableProfile. \n

", + "smithy.api#http": { + "uri": "/profile/{profileId}/disable", + "method": "POST" + } + } + }, + "com.amazonaws.rolesanywhere#DisableTrustAnchor": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarTrustAnchorRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Disables a trust anchor. When disabled, CreateSession requests specifying this trust anchor are unauthorized.

\n

\n Required permissions: \n rolesanywhere:DisableTrustAnchor. \n

", + "smithy.api#http": { + "uri": "/trustanchor/{trustAnchorId}/disable", + "method": "POST" + } + } + }, + "com.amazonaws.rolesanywhere#EnableCrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarCrlRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#CrlDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Enables a certificate revocation list (CRL). When enabled, certificates stored in the CRL are unauthorized to receive session credentials.

\n

\n Required permissions: \n rolesanywhere:EnableCrl. \n

", + "smithy.api#http": { + "uri": "/crl/{crlId}/enable", + "method": "POST" + } + } + }, + "com.amazonaws.rolesanywhere#EnableProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarProfileRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ProfileDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Enables the roles in a profile to receive session credentials in CreateSession.

\n

\n Required permissions: \n rolesanywhere:EnableProfile. \n

", + "smithy.api#http": { + "uri": "/profile/{profileId}/enable", + "method": "POST" + } + } + }, + "com.amazonaws.rolesanywhere#EnableTrustAnchor": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarTrustAnchorRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Enables a trust anchor. When enabled, certificates in the trust anchor chain are authorized for trust validation.

\n

\n Required permissions: \n rolesanywhere:EnableTrustAnchor. \n

", + "smithy.api#http": { + "uri": "/trustanchor/{trustAnchorId}/enable", + "method": "POST" + } + } + }, + "com.amazonaws.rolesanywhere#GetCrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarCrlRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#CrlDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Gets a certificate revocation list (CRL).

\n

\n Required permissions: \n rolesanywhere:GetCrl. \n

", + "smithy.api#http": { + "uri": "/crl/{crlId}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#GetProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarProfileRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ProfileDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Gets a profile.

\n

\n Required permissions: \n rolesanywhere:GetProfile. \n

", + "smithy.api#http": { + "uri": "/profile/{profileId}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#GetSubject": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarSubjectRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#SubjectDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + } + ], + "traits": { + "smithy.api#documentation": "

Gets a Subject. A Subject associates a certificate identity with authentication attempts by CreateSession. The Subject resources stores audit information such as status of the last authentication attempt, the certificate data used in the attempt, and the last time the associated identity attempted authentication.

\n

\n Required permissions: \n rolesanywhere:GetSubject. \n

", + "smithy.api#http": { + "uri": "/subject/{subjectId}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#GetTrustAnchor": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ScalarTrustAnchorRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Gets a trust anchor.

\n

\n Required permissions: \n rolesanywhere:GetTrustAnchor. \n

", + "smithy.api#http": { + "uri": "/trustanchor/{trustAnchorId}", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#ImportCrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ImportCrlRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#CrlDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Imports the certificate revocation list (CRL). CRl is a list of certificates that have been revoked by the issuing certificate Authority (CA). IAM Roles Anywhere validates against the crl list before issuing credentials.

\n

\n Required permissions: \n rolesanywhere:ImportCrl. \n

", + "smithy.api#http": { + "uri": "/crls", + "method": "POST", + "code": 201 + } + } + }, + "com.amazonaws.rolesanywhere#ImportCrlRequest": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the certificate revocation list (CRL).

", + "smithy.api#required": {} + } + }, + "crlData": { + "target": "smithy.api#Blob", + "traits": { + "smithy.api#documentation": "

The x509 v3 specified certificate revocation list

", + "smithy.api#length": { + "min": 1, + "max": 300000 + }, + "smithy.api#required": {} + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Specifies whether the certificate revocation list (CRL) is enabled.

" + } + }, + "tags": { + "target": "com.amazonaws.rolesanywhere#TagList", + "traits": { + "smithy.api#documentation": "

A list of tags to attach to the certificate revocation list (CRL).

" + } + }, + "trustAnchorArn": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorArn", + "traits": { + "smithy.api#documentation": "

The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#InstanceProperties": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#InstanceProperty" + } + }, + "com.amazonaws.rolesanywhere#InstanceProperty": { + "type": "structure", + "members": { + "seenAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 time stamp of when the certificate was last used in a CreateSession operation.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "properties": { + "target": "com.amazonaws.rolesanywhere#InstancePropertyMap", + "traits": { + "smithy.api#documentation": "

A list of instanceProperty objects.

" + } + }, + "failed": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the CreateSession operation was successful.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

A key-value pair you set that identifies a property of the authenticating instance.

" + } + }, + "com.amazonaws.rolesanywhere#InstancePropertyMap": { + "type": "map", + "key": { + "target": "smithy.api#String", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + } + } + }, + "value": { + "target": "smithy.api#String", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + } + } + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, + "com.amazonaws.rolesanywhere#ListCrls": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ListRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ListCrlsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists all Crls in the authenticated account and Amazon Web Services Region.

\n

\n Required permissions: \n rolesanywhere:ListCrls. \n

", + "smithy.api#http": { + "uri": "/crls", + "method": "GET" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "crls" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#ListCrlsResponse": { + "type": "structure", + "members": { + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

" + } + }, + "crls": { + "target": "com.amazonaws.rolesanywhere#CrlDetails", + "traits": { + "smithy.api#documentation": "

A list of certificate revocation lists (CRL).

" + } + } + } + }, + "com.amazonaws.rolesanywhere#ListProfiles": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ListRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ListProfilesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists all profiles in the authenticated account and Amazon Web Services Region.

\n

\n Required permissions: \n rolesanywhere:ListProfiles. \n

", + "smithy.api#http": { + "uri": "/profiles", + "method": "GET" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "profiles" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#ListProfilesResponse": { + "type": "structure", + "members": { + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

" + } + }, + "profiles": { + "target": "com.amazonaws.rolesanywhere#ProfileDetails", + "traits": { + "smithy.api#documentation": "

A list of profiles.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#ListRequest": { + "type": "structure", + "members": { + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

", + "smithy.api#httpQuery": "nextToken", + "smithy.api#length": { + "min": 1, + "max": 10000 + } + } + }, + "pageSize": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

The number of resources in the paginated list.

", + "smithy.api#httpQuery": "pageSize" + } + } + } + }, + "com.amazonaws.rolesanywhere#ListSubjects": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ListRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ListSubjectsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists the subjects in the authenticated account and Amazon Web Services Region.

\n

\n Required permissions: \n rolesanywhere:ListSubjects. \n

", + "smithy.api#http": { + "uri": "/subjects", + "method": "GET" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "subjects" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#ListSubjectsResponse": { + "type": "structure", + "members": { + "subjects": { + "target": "com.amazonaws.rolesanywhere#SubjectSummaries", + "traits": { + "smithy.api#documentation": "

A list of subjects.

" + } + }, + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#ListTagsForResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ListTagsForResourceRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ListTagsForResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists the tags attached to the resource.

\n

\n Required permissions: \n rolesanywhere:ListTagsForResource. \n

", + "smithy.api#http": { + "uri": "/ListTagsForResource", + "method": "GET" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#ListTagsForResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.rolesanywhere#AmazonResourceName", + "traits": { + "smithy.api#documentation": "

The ARN of the resource.

", + "smithy.api#httpQuery": "resourceArn", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#ListTagsForResourceResponse": { + "type": "structure", + "members": { + "tags": { + "target": "com.amazonaws.rolesanywhere#TagList", + "traits": { + "smithy.api#documentation": "

A list of tags attached to the resource.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#ListTrustAnchors": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#ListRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ListTrustAnchorsResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Lists the trust anchors in the authenticated account and Amazon Web Services Region.

\n

\n Required permissions: \n rolesanywhere:ListTrustAnchors. \n

", + "smithy.api#http": { + "uri": "/trustanchors", + "method": "GET" + }, + "smithy.api#paginated": { + "inputToken": "nextToken", + "outputToken": "nextToken", + "items": "trustAnchors" + }, + "smithy.api#readonly": {} + } + }, + "com.amazonaws.rolesanywhere#ListTrustAnchorsResponse": { + "type": "structure", + "members": { + "nextToken": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A token that indicates where the output should continue from, if a previous operation did not show all results. To get the next results, call the operation again with this value.

" + } + }, + "trustAnchors": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetails", + "traits": { + "smithy.api#documentation": "

A list of trust anchors.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#ManagedPolicyList": { + "type": "list", + "member": { + "target": "smithy.api#String", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 200 + } + } + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, + "com.amazonaws.rolesanywhere#Profile": { + "type": "resource", + "identifiers": { + "profileId": { + "target": "com.amazonaws.rolesanywhere#Uuid" + } + }, + "create": { + "target": "com.amazonaws.rolesanywhere#CreateProfile" + }, + "read": { + "target": "com.amazonaws.rolesanywhere#GetProfile" + }, + "update": { + "target": "com.amazonaws.rolesanywhere#UpdateProfile" + }, + "delete": { + "target": "com.amazonaws.rolesanywhere#DeleteProfile" + }, + "list": { + "target": "com.amazonaws.rolesanywhere#ListProfiles" + }, + "operations": [ + { + "target": "com.amazonaws.rolesanywhere#DisableProfile" + }, + { + "target": "com.amazonaws.rolesanywhere#EnableProfile" + } + ], + "traits": { + "aws.cloudformation#cfnResource": {} + } + }, + "com.amazonaws.rolesanywhere#ProfileArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1011 + }, + "smithy.api#pattern": "^arn:aws(-[^:]+)?:rolesanywhere(:.*){2}(:profile.*)$" + } + }, + "com.amazonaws.rolesanywhere#ProfileDetail": { + "type": "structure", + "members": { + "profileId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the profile.

" + } + }, + "profileArn": { + "target": "com.amazonaws.rolesanywhere#ProfileArn", + "traits": { + "smithy.api#documentation": "

The ARN of the profile.

" + } + }, + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the profile.

" + } + }, + "requireInstanceProperties": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Specifies whether instance properties are required in CreateSession requests with this profile.

" + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the profile is enabled.

" + } + }, + "createdBy": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The Amazon Web Services account that created the profile.

" + } + }, + "sessionPolicy": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A session policy that applies to the trust boundary of the vended session credentials.

" + } + }, + "roleArns": { + "target": "com.amazonaws.rolesanywhere#RoleArnList", + "traits": { + "smithy.api#documentation": "

A list of IAM roles that this profile can assume in a CreateSession operation.

" + } + }, + "managedPolicyArns": { + "target": "com.amazonaws.rolesanywhere#ManagedPolicyList", + "traits": { + "smithy.api#documentation": "

A list of managed policy ARNs that apply to the vended session credentials.

" + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the profile was created.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the profile was last updated.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "durationSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

The number of seconds the vended session credentials are valid for.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The state of the profile after a read or write operation.

" + } + }, + "com.amazonaws.rolesanywhere#ProfileDetailResponse": { + "type": "structure", + "members": { + "profile": { + "target": "com.amazonaws.rolesanywhere#ProfileDetail", + "traits": { + "smithy.api#documentation": "

The state of the profile after a read or write operation.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#ProfileDetails": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#ProfileDetail" + } + }, + "com.amazonaws.rolesanywhere#ResourceName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 255 + }, + "smithy.api#pattern": "^[ a-zA-Z0-9-_]*$" + } + }, + "com.amazonaws.rolesanywhere#ResourceNotFoundException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

The resource could not be found.

", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.rolesanywhere#RoleArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1011 + }, + "smithy.api#pattern": "^arn:aws(-[^:]+)?:iam(:.*){2}(:role.*)$" + } + }, + "com.amazonaws.rolesanywhere#RoleArnList": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#RoleArn" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, + "com.amazonaws.rolesanywhere#RolesAnywhere": { + "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "RolesAnywhere", + "arnNamespace": "rolesanywhere", + "cloudFormationName": "RolesAnywhere" + }, + "aws.auth#sigv4": { + "name": "rolesanywhere" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "

AWS Identity and Access Management Roles Anywhere provides a secure way for your workloads such as servers, containers, and applications running outside of AWS to obtain Temporary AWS credentials. Your workloads can use the same IAM policies and roles that you have configured with native AWS applications to access AWS resources. Using IAM Roles Anywhere will eliminate the need to manage long term credentials for workloads running outside of AWS.

\n

To use IAM Roles Anywhere customer workloads will need to use X.509 certificates issued by their Certificate Authority (CA) . The Certificate Authority (CA) needs to be registered with IAM Roles Anywhere as a trust anchor to establish trust between customer PKI and IAM Roles Anywhere. Customers who do not manage their own PKI system can use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a Certificate Authority and use that to establish trust with IAM Roles Anywhere

\n

This guide describes the IAM rolesanywhere operations that you can call programmatically. For general information about IAM Roles Anywhere see https://docs.aws.amazon.com/\n

", + "smithy.api#title": "IAM Roles Anywhere" + }, + "version": "2018-05-10", + "operations": [ + { + "target": "com.amazonaws.rolesanywhere#ListTagsForResource" + }, + { + "target": "com.amazonaws.rolesanywhere#TagResource" + }, + { + "target": "com.amazonaws.rolesanywhere#UntagResource" + } + ], + "resources": [ + { + "target": "com.amazonaws.rolesanywhere#Crl" + }, + { + "target": "com.amazonaws.rolesanywhere#Profile" + }, + { + "target": "com.amazonaws.rolesanywhere#Subject" + }, + { + "target": "com.amazonaws.rolesanywhere#TrustAnchor" + } + ] + }, + "com.amazonaws.rolesanywhere#ScalarCrlRequest": { + "type": "structure", + "members": { + "crlId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the certificate revocation list (CRL).

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#ScalarProfileRequest": { + "type": "structure", + "members": { + "profileId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the profile.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#ScalarSubjectRequest": { + "type": "structure", + "members": { + "subjectId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the subject.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#ScalarTrustAnchorRequest": { + "type": "structure", + "members": { + "trustAnchorId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the trust anchor.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#Source": { + "type": "structure", + "members": { + "sourceType": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorType", + "traits": { + "smithy.api#documentation": "

The type of the trust anchor.

" + } + }, + "sourceData": { + "target": "com.amazonaws.rolesanywhere#SourceData", + "traits": { + "smithy.api#documentation": "

The data field of the trust anchor depending on its type.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The trust anchor type and its related certificate data.

" + } + }, + "com.amazonaws.rolesanywhere#SourceData": { + "type": "union", + "members": { + "x509CertificateData": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The PEM-encoded data for the certificate anchor. Included for trust anchors of type CERTIFICATE_BUNDLE.

" + } + }, + "acmPcaArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The root certificate of the Certificate Manager Private Certificate Authority specified by this ARN is used in trust validation for CreateSession operations. Included for trust anchors of type AWS_ACM_PCA.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The data field of the trust anchor depending on its type.

" + } + }, + "com.amazonaws.rolesanywhere#Subject": { + "type": "resource", + "identifiers": { + "subjectId": { + "target": "com.amazonaws.rolesanywhere#Uuid" + } + }, + "read": { + "target": "com.amazonaws.rolesanywhere#GetSubject" + }, + "list": { + "target": "com.amazonaws.rolesanywhere#ListSubjects" + }, + "traits": { + "aws.cloudformation#cfnResource": {} + } + }, + "com.amazonaws.rolesanywhere#SubjectDetail": { + "type": "structure", + "members": { + "subjectArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ARN of the resource.

" + } + }, + "subjectId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The id of the resource

" + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

The enabled status of the subject.

" + } + }, + "x509Subject": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The x509 principal identifier of the authenticating certificate.

" + } + }, + "lastSeenAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp of the last time this Subject requested temporary session credentials.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the subject was created.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the subject was last updated.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "credentials": { + "target": "com.amazonaws.rolesanywhere#CredentialSummaries", + "traits": { + "smithy.api#documentation": "

The temporary session credentials vended at the last authenticating call with this Subject.

" + } + }, + "instanceProperties": { + "target": "com.amazonaws.rolesanywhere#InstanceProperties", + "traits": { + "smithy.api#documentation": "

The specified instance properties associated with the request.

" + } + } + }, + "traits": { + "smithy.api#documentation": "

The state of the subject after a read or write operation.

" + } + }, + "com.amazonaws.rolesanywhere#SubjectDetailResponse": { + "type": "structure", + "members": { + "subject": { + "target": "com.amazonaws.rolesanywhere#SubjectDetail", + "traits": { + "smithy.api#documentation": "

The state of the subject after a read or write operation.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#SubjectSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#SubjectSummary" + } + }, + "com.amazonaws.rolesanywhere#SubjectSummary": { + "type": "structure", + "members": { + "subjectArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ARN of the resource.

" + } + }, + "subjectId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The id of the resource.

" + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

The enabled status of the Subject.

" + } + }, + "x509Subject": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The x509 principal identifier of the authenticating certificate.

" + } + }, + "lastSeenAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 time stamp of when the certificate was last used in a CreateSession operation.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 time stamp of when the certificate was first used in a CreateSession operation.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the subject was last updated.

", + "smithy.api#timestampFormat": "date-time" + } + } + }, + "traits": { + "smithy.api#documentation": "

A summary representation of Subject resources returned in read operations; primarily ListSubjects.

" + } + }, + "com.amazonaws.rolesanywhere#Tag": { + "type": "structure", + "members": { + "key": { + "target": "com.amazonaws.rolesanywhere#TagKey", + "traits": { + "smithy.api#documentation": "

The tag key.

", + "smithy.api#required": {} + } + }, + "value": { + "target": "com.amazonaws.rolesanywhere#TagValue", + "traits": { + "smithy.api#documentation": "

The tag value.

", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

A label that consists of a key and value you define.

" + } + }, + "com.amazonaws.rolesanywhere#TagKey": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 128 + }, + "smithy.api#pattern": "^[ a-zA-Z0-9_.:/=+@-]*$", + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.rolesanywhere#TagKeyList": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#TagKey" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, + "com.amazonaws.rolesanywhere#TagList": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#Tag" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, + "com.amazonaws.rolesanywhere#TagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#TagResourceRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#TooManyTagsException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Attaches tags to a resource.

\n

\n Required permissions: \n rolesanywhere:TagResource. \n

", + "smithy.api#http": { + "uri": "/TagResource", + "method": "POST", + "code": 201 + } + } + }, + "com.amazonaws.rolesanywhere#TagResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.rolesanywhere#AmazonResourceName", + "traits": { + "smithy.api#documentation": "

The ARN of the resource.

", + "smithy.api#required": {} + } + }, + "tags": { + "target": "com.amazonaws.rolesanywhere#TagList", + "traits": { + "smithy.api#documentation": "

The tags to attach to the resource.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#TagResourceResponse": { + "type": "structure", + "members": {} + }, + "com.amazonaws.rolesanywhere#TagValue": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 256 + }, + "smithy.api#pattern": "^[ a-zA-Z0-9_.:/=+@-]*$", + "smithy.api#sensitive": {} + } + }, + "com.amazonaws.rolesanywhere#TooManyTagsException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

Too many tags.

", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + }, + "com.amazonaws.rolesanywhere#TrustAnchor": { + "type": "resource", + "identifiers": { + "trustAnchorId": { + "target": "com.amazonaws.rolesanywhere#Uuid" + } + }, + "create": { + "target": "com.amazonaws.rolesanywhere#CreateTrustAnchor" + }, + "read": { + "target": "com.amazonaws.rolesanywhere#GetTrustAnchor" + }, + "update": { + "target": "com.amazonaws.rolesanywhere#UpdateTrustAnchor" + }, + "delete": { + "target": "com.amazonaws.rolesanywhere#DeleteTrustAnchor" + }, + "list": { + "target": "com.amazonaws.rolesanywhere#ListTrustAnchors" + }, + "operations": [ + { + "target": "com.amazonaws.rolesanywhere#DisableTrustAnchor" + }, + { + "target": "com.amazonaws.rolesanywhere#EnableTrustAnchor" + } + ], + "traits": { + "aws.cloudformation#cfnResource": {} + } + }, + "com.amazonaws.rolesanywhere#TrustAnchorArn": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 1011 + }, + "smithy.api#pattern": "^arn:aws(-[^:]+)?:rolesanywhere(:.*){2}(:trust-anchor.*)$" + } + }, + "com.amazonaws.rolesanywhere#TrustAnchorDetail": { + "type": "structure", + "members": { + "trustAnchorId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the trust anchor.

" + } + }, + "trustAnchorArn": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

The ARN of the trust anchor.

" + } + }, + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the trust anchor.

" + } + }, + "source": { + "target": "com.amazonaws.rolesanywhere#Source", + "traits": { + "smithy.api#documentation": "

The trust anchor type and its related certificate data.

" + } + }, + "enabled": { + "target": "smithy.api#Boolean", + "traits": { + "smithy.api#documentation": "

Indicates whether the trust anchor is enabled.

" + } + }, + "createdAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the trust anchor was created.

", + "smithy.api#timestampFormat": "date-time" + } + }, + "updatedAt": { + "target": "smithy.api#Timestamp", + "traits": { + "smithy.api#documentation": "

The ISO-8601 timestamp when the trust anchor was last updated.

", + "smithy.api#timestampFormat": "date-time" + } + } + }, + "traits": { + "smithy.api#documentation": "

The state of the trust anchor after a read or write operation.

" + } + }, + "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse": { + "type": "structure", + "members": { + "trustAnchor": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetail", + "traits": { + "smithy.api#documentation": "

The state of the trust anchor after a read or write operation.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#TrustAnchorDetails": { + "type": "list", + "member": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetail" + } + }, + "com.amazonaws.rolesanywhere#TrustAnchorType": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "AWS_ACM_PCA", + "name": "AWS_ACM_PCA" + }, + { + "value": "CERTIFICATE_BUNDLE", + "name": "CERTIFICATE_BUNDLE" + }, + { + "value": "SELF_SIGNED_REPOSITORY", + "name": "SELF_SIGNED_REPOSITORY" + } + ] + } + }, + "com.amazonaws.rolesanywhere#UntagResource": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#UntagResourceRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#UntagResourceResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Removes tags from the resource.

\n

\n Required permissions: \n rolesanywhere:UntagResource. \n

", + "smithy.api#http": { + "uri": "/UntagResource", + "method": "POST", + "code": 200 + } + } + }, + "com.amazonaws.rolesanywhere#UntagResourceRequest": { + "type": "structure", + "members": { + "resourceArn": { + "target": "com.amazonaws.rolesanywhere#AmazonResourceName", + "traits": { + "smithy.api#documentation": "

The ARN of the resource.

", + "smithy.api#required": {} + } + }, + "tagKeys": { + "target": "com.amazonaws.rolesanywhere#TagKeyList", + "traits": { + "smithy.api#documentation": "

A list of keys. Tag keys are the unique identifiers of tags.

", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.rolesanywhere#UntagResourceResponse": { + "type": "structure", + "members": {} + }, + "com.amazonaws.rolesanywhere#UpdateCrl": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#UpdateCrlRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#CrlDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Updates the certificate revocation list (CRL). CRl is a list of certificates that have been revoked by the issuing certificate Authority (CA). IAM Roles Anywhere validates against the crl list before issuing credentials.

\n

\n Required permissions: \n rolesanywhere:UpdateCrl. \n

", + "smithy.api#http": { + "uri": "/crl/{crlId}", + "method": "PATCH" + } + } + }, + "com.amazonaws.rolesanywhere#UpdateCrlRequest": { + "type": "structure", + "members": { + "crlId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the certificate revocation list (CRL).

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the Crl.

" + } + }, + "crlData": { + "target": "smithy.api#Blob", + "traits": { + "smithy.api#documentation": "

The x509 v3 specified certificate revocation list

", + "smithy.api#length": { + "min": 1, + "max": 300000 + } + } + } + } + }, + "com.amazonaws.rolesanywhere#UpdateProfile": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#UpdateProfileRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#ProfileDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Updates the profile. A profile is configuration resource to list the roles that RolesAnywhere service is trusted to assume. In addition, by applying a profile you can scope-down permissions with IAM managed policies.

\n

\n Required permissions: \n rolesanywhere:UpdateProfile. \n

", + "smithy.api#http": { + "uri": "/profile/{profileId}", + "method": "PATCH" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.rolesanywhere#UpdateProfileRequest": { + "type": "structure", + "members": { + "profileId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the profile.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the profile.

" + } + }, + "sessionPolicy": { + "target": "smithy.api#String", + "traits": { + "smithy.api#documentation": "

A session policy that applies to the trust boundary of the vended session credentials.

", + "smithy.api#length": { + "min": 1, + "max": 100000 + } + } + }, + "roleArns": { + "target": "com.amazonaws.rolesanywhere#RoleArnList", + "traits": { + "smithy.api#documentation": "

A list of IAM roles that this profile can assume in a CreateSession operation.

" + } + }, + "managedPolicyArns": { + "target": "com.amazonaws.rolesanywhere#ManagedPolicyList", + "traits": { + "smithy.api#documentation": "

A list of managed policy ARNs that apply to the vended session credentials.

" + } + }, + "durationSeconds": { + "target": "smithy.api#Integer", + "traits": { + "smithy.api#documentation": "

The number of seconds the vended session credentials are valid for.

", + "smithy.api#range": { + "min": 900, + "max": 43200 + } + } + } + } + }, + "com.amazonaws.rolesanywhere#UpdateTrustAnchor": { + "type": "operation", + "input": { + "target": "com.amazonaws.rolesanywhere#UpdateTrustAnchorRequest" + }, + "output": { + "target": "com.amazonaws.rolesanywhere#TrustAnchorDetailResponse" + }, + "errors": [ + { + "target": "com.amazonaws.rolesanywhere#AccessDeniedException" + }, + { + "target": "com.amazonaws.rolesanywhere#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.rolesanywhere#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "

Updates the trust anchor.You establish trust between IAM Roles Anywhere and your certificate authority (CA) by configuring a trust anchor. A Trust Anchor is defined either as a reference to a AWS Certificate Manager Private Certificate Authority (ACM PCA), or by uploading a Certificate Authority (CA) certificate. Your AWS workloads can authenticate with the trust anchor using certificates issued by the trusted Certificate Authority (CA) in exchange for temporary AWS credentials.

\n

\n Required permissions: \n rolesanywhere:UpdateTrustAnchor. \n

", + "smithy.api#http": { + "uri": "/trustanchor/{trustAnchorId}", + "method": "PATCH" + }, + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.rolesanywhere#UpdateTrustAnchorRequest": { + "type": "structure", + "members": { + "trustAnchorId": { + "target": "com.amazonaws.rolesanywhere#Uuid", + "traits": { + "smithy.api#documentation": "

The unique identifier of the trust anchor.

", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "name": { + "target": "com.amazonaws.rolesanywhere#ResourceName", + "traits": { + "smithy.api#documentation": "

The name of the trust anchor.

" + } + }, + "source": { + "target": "com.amazonaws.rolesanywhere#Source", + "traits": { + "smithy.api#documentation": "

The trust anchor type and its related certificate data.

" + } + } + } + }, + "com.amazonaws.rolesanywhere#Uuid": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 36, + "max": 36 + }, + "smithy.api#pattern": "[a-f0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}" + } + }, + "com.amazonaws.rolesanywhere#ValidationException": { + "type": "structure", + "members": { + "message": { + "target": "smithy.api#String" + } + }, + "traits": { + "smithy.api#documentation": "

Validation exception error.

", + "smithy.api#error": "client", + "smithy.api#httpError": 400 + } + } + } +} \ No newline at end of file diff --git a/codegen/sdk-codegen/aws-models/ssm-incidents.json b/codegen/sdk-codegen/aws-models/ssm-incidents.json index 17755351381..5f26f650398 100644 --- a/codegen/sdk-codegen/aws-models/ssm-incidents.json +++ b/codegen/sdk-codegen/aws-models/ssm-incidents.json @@ -838,7 +838,7 @@ "variable": { "target": "com.amazonaws.ssmincidents#VariableType", "traits": { - "smithy.api#documentation": "

Variable dynamic parameters. A parameter value is determined when an incident is created.

", + "smithy.api#documentation": "

Variable dynamic parameters. A parameter value is determined when an incident is\n created.

", "smithy.api#tags": [ "logs_investigations" ] @@ -1765,6 +1765,12 @@ "traits": { "smithy.api#documentation": "

The Amazon SNS targets that are notified when updates are made to an\n incident.

" } + }, + "incidentTags": { + "target": "com.amazonaws.ssmincidents#TagMap", + "traits": { + "smithy.api#documentation": "

Tags to apply to an incident when calling the StartIncident API action.

" + } } }, "traits": { @@ -3258,7 +3264,7 @@ "dynamicParameters": { "target": "com.amazonaws.ssmincidents#DynamicSsmParameters", "traits": { - "smithy.api#documentation": "

The key-value pair to resolve dynamic parameter values when processing a Systems Manager Automation runbook.

" + "smithy.api#documentation": "

The key-value pair to resolve dynamic parameter values when processing a Systems Manager\n Automation runbook.

" } } }, @@ -3383,7 +3389,7 @@ "responsePlanArn": { "target": "com.amazonaws.ssmincidents#Arn", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the response plan that pre-defines summary, chat\n channels, Amazon SNS topics, runbooks, title, and impact of the incident.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the response plan that pre-defines summary, chat\n channels, Amazon SNS topics, runbooks, title, and impact of the incident.\n

", "smithy.api#required": {}, "smithy.api#tags": [ "logs_investigations" @@ -3399,7 +3405,7 @@ "impact": { "target": "com.amazonaws.ssmincidents#Impact", "traits": { - "smithy.api#documentation": "

Defines the impact to the customers. Providing an impact overwrites the impact\n provided by a response plan.

\n

\n Possible impacts:\n

\n " + "smithy.api#documentation": "

Defines the impact to the customers. Providing an impact overwrites the impact\n provided by a response plan.

\n

\n Possible impacts:\n

\n " } }, "triggerDetails": { @@ -3494,6 +3500,31 @@ } } }, + "com.amazonaws.ssmincidents#TagMapUpdate": { + "type": "map", + "key": { + "target": "com.amazonaws.ssmincidents#TagKey", + "traits": { + "smithy.api#tags": [ + "logs_investigations" + ] + } + }, + "value": { + "target": "com.amazonaws.ssmincidents#TagValue", + "traits": { + "smithy.api#tags": [ + "logs_investigations" + ] + } + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } + } + }, "com.amazonaws.ssmincidents#TagResource": { "type": "operation", "input": { @@ -4218,7 +4249,7 @@ "incidentTemplateImpact": { "target": "com.amazonaws.ssmincidents#Impact", "traits": { - "smithy.api#documentation": "

Defines the impact to the customers. Providing an impact overwrites the impact\n provided by a response plan.

\n

\n Possible impacts:\n

\n " + "smithy.api#documentation": "

Defines the impact to the customers. Providing an impact overwrites the impact\n provided by a response plan.

\n

\n Possible impacts:\n

\n " } }, "incidentTemplateSummary": { @@ -4251,7 +4282,7 @@ "engagements": { "target": "com.amazonaws.ssmincidents#EngagementSet", "traits": { - "smithy.api#documentation": "

The contacts and escalation plans that Incident Manager engages at the start of the incident.

" + "smithy.api#documentation": "

The contacts and escalation plans that Incident Manager engages at the start of the\n incident.

" } }, "actions": { @@ -4259,6 +4290,12 @@ "traits": { "smithy.api#documentation": "

The actions that this response plan takes at the beginning of an incident.

" } + }, + "incidentTemplateTags": { + "target": "com.amazonaws.ssmincidents#TagMapUpdate", + "traits": { + "smithy.api#documentation": "

Tags to apply to an incident when calling the StartIncident API action.\n To call this action, you must also have permission to call the TagResource\n API action for the incident record resource.

" + } } } },